Add port isolation
This commit is contained in:
Benoît S
parent
3276a4ab60
commit
cfae1b2c4c
|
|
@ -12,13 +12,15 @@ $ lxc config set <name> limits.cpu 2
|
||||||
$ lxc config set <name> limits.cpu.allowance 50%
|
$ lxc config set <name> limits.cpu.allowance 50%
|
||||||
$ lxc config set <name> limits.memory.swap false
|
$ lxc config set <name> limits.memory.swap false
|
||||||
$ lxc config device set <name> root limits.read 30MB
|
$ lxc config device set <name> root limits.read 30MB
|
||||||
$ lxc config device set <name> root.limits.write 10MB
|
$ lxc config device set <name> root limits.write 10MB
|
||||||
$ lxc config device set <name> root limits.read 20Iops
|
$ lxc config device set <name> root limits.read 20Iops
|
||||||
$ lxc config device set <name> root limits.write 10Iops
|
$ lxc config device set <name> root limits.write 10Iops
|
||||||
$ lxc config device set <name> root size 20GB
|
|
||||||
$ lxc config device override <name> root size=20GB
|
$ lxc config device override <name> root size=20GB
|
||||||
$ lxc profile device set default eth0 limits.ingress 100Mbit
|
$ lxc profile device set default eth0 limits.ingress 100Mbit
|
||||||
$ lxc profile device set default eth0 limits.egress 100Mbit
|
$ lxc profile device set default eth0 limits.egress 100Mbit
|
||||||
|
# Port isolation make the container unable to see other containers
|
||||||
|
$ lxc config device override <name> eth0 security.port_isolation=true
|
||||||
|
$ lxc
|
||||||
$ lxc launch images:debian/11 <name>
|
$ lxc launch images:debian/11 <name>
|
||||||
$ lxc config set <name> environment.LC_ALL=en_US.UTF-8
|
$ lxc config set <name> environment.LC_ALL=en_US.UTF-8
|
||||||
$ lxc list
|
$ lxc list
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue