How To Set Up a Network Bridge for LXD Containers

Published by Stephan on

Most of our web applications run in LXD containers. Not without reason LXD is one of the most important features of Ubuntu Server for me. There are many ways to access a web application in an LXD container from outside. For example, you can use a reverse proxy to control access to the containers. Another possibility is to set up a network bridge so that the containers are in the same network as the container host (the Ubuntu server). In this article I would like to describe how to set up a network bridge for LXD containers.

Network Bridge for LXD Containers

To set up a network bridge under Ubuntu, you need to install the bridge-utils:

Then you can set up the network bridge.

Ubuntu 16.04

Up to Ubuntu 16.04 Ubuntu uses ifupdown to set network connection settings. The configuration is done in the files under /etc/network/. A simple network bridge – to get the containers into the host network – might look like this:

In this example the bridge gets its address from a DHCP server. The real network card enp4s0 is set to manual mode and assigned to the bridge.

Ubuntu 18.04

As of Ubuntu 18.04 Netplan is used to configure the network connections. The configuration files can be found under /etc/netplan/. A definition for the bridge could look like this:

In the upper part you configure the real network card (enp3s0) and don’t assign an address to it. Then the definition of the network bridge follows. It is set up like a static network connection and also contains the key interfaces. There you define which real network card should be “bridged”. You will find further (more complex) examples of network bridges on the official website.

Now the following command applies the changes to the network settings:

Assign Network Bridge

Once you have finished setting up the network bridge and it gets the correct IP address, you have to tell the LXD container to get its IP address from the network bridge. This can be done with the following command:

With name=eth0 you define under which name the network card can be found in the container. Now you can configure eth0 in the container as you like. From now on the container will get an IP address from the host network.

Conclusion

You can set up a simple network bridge quit easily and assign it to a container. This allows other users on the network to access a web application without the need to set up a reverse proxy on the container host. More complex scenarios are also possible (VLANs, multiple bridges to get containers into different networks, etc.), but this would go beyond the scope of this short article.


Stephan

Stephan

I'm a teacher and IT system administrator in an international school. I love open source software and I used it over a decade in my private and work life. My passion is to solve problems with open source software!

Leave a Reply

Your email address will not be published.