--- hide: - navigation created: 2021-09-26 20:04 updated: 2023-05-03 16:46 tags: - LXD --- # LXD Bridged Profile ## References * * * * * * * ## Introduction When you start using LXD containers, eventually you'll want to have your container appear directly on your main network. By default, LXD sets up a bridge, usually named lxdbr0, that it connects all containers to. This bridge has a DHCP server, and is set up to use NAT for network addressing of containers. This works fine when using containers for testing or development, but when you want to set up a container for production use you'll probably want to set up a bridged profile for your production containers. I won't go over the many ways of creating network bridges on Linux servers. I've included a few links in the References section with some alternatives. Likely you'll required the bridge-utils package and will have to perform the initial bridge interface creation using brctl. ## Bridged Network Configuration ### Ubuntu Here's an example of adding a bridge to an Ubuntu server via a netplan configuration. Chances are that if you've been around netplan for a while, you've probably taken the default dhcp netplan configuration and set it up for a static IP. ``` $ cat /etc/netplan/server.yaml network: version: 2 renderer: networkd ethernets: enp3s0: dhcp4: no dhcp6: no bridges: br0: dhcp4: no dhcp6: no interfaces: [enp3s0] addresses: [192.168.7.10/24] gateway4: 192.168.7.1 nameservers: addresses: - 192.168.7.83 - 192.168.7.84 parameters: stp: true forward-delay: 4 ``` ### Debian This is an example configuration as used on a Debian based server. ``` $ cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* auto lo enp3s0 br0 iface lo inet loopback iface enp3s0 inet manual iface br0 inet static dhcp4 no dhcp6 no bridge_ports enp3s0 address 192.168.7.10/24 gateway 192.168.7.1 dns-nameservers 192.168.7.83 192.168.7.84 dns-search lan ``` ### systemd-network This is an example configuration for a system using the systemd-networkd networking configuration. ``` $ ls -1 /etc/systemd/network br0.netdev br0.network enp3s0.network $ cat /etc/systemd/network/enp3s0.network [Match] Name=enp3s0 [Network] Bridge=br0 $ cat /etc/systemd/network/br0.netdev [NetDev] Name=br0 Kind=bridge $ cat /etc/systemd/network/br0.network [Match] Name=br0 [Network] DHCP=false Address=192.168.20.90/24 Gateway=192.168.20.1 DNS=192.168.20.21 DNS=192.168.20.22 Domains=lan ``` ## LXD bridge profile Regardless of how you set up a bridge, once you've created it you can then use it in an LXD profile to allow your containers to be directly connected to your main network, rather than the default NAT network. The way I do this is to create a bridged configuration file first, and then apply it to a newly created profile. ``` $ cat bridged.cnf config: {} description: Profile settings for a bridged container devices: eth0: name: eth0 nictype: bridged parent: br0 type: nic root: path: / pool: default type: disk name: bridged used_by: $ lxc profile create bridged $ lxc profile edit bridged