canonical
Upgrade instructions for coexistence with Docker
This pull request didn't trigger Jenkins as its author isn't in the allow list.
An organization member must perform one of the following:
- To have this branch tested by Jenkins, use the "ok to test" command.
- To have a one time test done, use the "test this please" command.
Those commands are simple Github comments of the format: "jenkins: COMMAND"
Documentation preview available at: https://linuxcontainers.org/lxd/docs/pr.10875/
Marking as Incomplete as there are open questions from @tomponline
@stgraber I'm not sure what the change is that is being requested?
Basically the line iptables -I DOCKER-USER -i <external_interface> -o <network_bridge> -j ACCEPT is not something I would want to add to our docs as recommended for getting LXD instances to work when Docker is installed because it opens up the managed LXD bridge to the external interface.
It also shouldn't be needed to allow LXD instances to use outbound network connectivity and get DHCP/DNS from the managed bridge itself.
My questions are above:
- You mention the "but it doesn't actually cure the ping/nginx/postfix/etc problem" can you expand on what precisely that is?
- Are you listing the services running inside the containers that you're trying to expose to the external network?
I am trying to figure out whether the change you're requesting is to allow egress traffic and DHCP/DNS or whether it is to allow services running inside LXD instances to be reachable from the external interface.
