0

I have successfully created unprivileged lxc containers for one user on a system. All of those containers use the default lxcbr0 bridge.

Now I want to allow other users on the system to create unprivileged lxc containers.

How do I create more bridges, one for each of the users? And is it a good idea to do this?

One reason for separate bridges is: keeping the ip-address range separate, so that one user can't hijack the ip addresses allocated to another user's lxc.

HRJ
  • 225
  • 2
  • 10
  • This seems to be possible. All I need is the /etc scripts to support creating a list of bridges (so that it can be managed easily). I have requested the feature in Ubuntu [here](https://bugs.launchpad.net/lxc/+bug/1359224) – HRJ Aug 20 '14 at 13:52
  • 1
    It might be time to move onto something more powerful to manage your containers, like libvirt, which will create as many bridges as you want. – Michael Hampton Aug 20 '14 at 15:17
  • @MichaelHampton The [Ubuntu serverguide](https://help.ubuntu.com/14.04/serverguide/lxc.html) says "Use of libvirt-lxc is not generally recommended due to a lack of Apparmor protection for libvirt-lxc containers.?" Just quoting; don't shoot the messenger. – HRJ Aug 20 '14 at 15:50
  • Well, use of Ubuntu is not generally recommended either. :) – Michael Hampton Aug 20 '14 at 15:51

0 Answers0