Create LXC and Bridge with LAN interface

lxc-create.sh

#/bin/bash

# Check if bridge-nf-call-iptables is enabled (1 if enabled)
# cat /proc/sys/net/bridge/bridge-nf-call-iptables
# Enable IP Forwarding
# echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
# sysctl --system

CONTAINER_NAME=kube
BRIDGED_NAME=br0
STORAGE_POOL=lxc-beta-storage
# STATIC_IP=10.27.203.104

lxc launch images:ubuntu/focal $CONTAINER_NAME -s $STORAGE_POOL

# Enable docker inside LXC
lxc config set $CONTAINER_NAME security.nesting true
lxc config set $CONTAINER_NAME security.privileged true
echo "lxc.apparmor.profile = unconfined\nlxc.cgroup.devices.allow = a\nlxc.cap.drop =\nlxc.mount.auto = \"proc:rw sys:rw\"" | lxc config set $CONTAINER_NAME raw.lxc -

cat <<EOT >> rc.local
#!/bin/sh -e

# Kubeadm 1.15 needs /dev/kmsg to be there, but it's not in lxc, but we can just use /dev/console instead
# see: https://github.com/kubernetes-sigs/kind/issues/662
if [ ! -e /dev/kmsg ]; then
    ln -s /dev/console /dev/kmsg
fi

# https://medium.com/@kvaps/run-kubernetes-in-lxc-container-f04aa94b6c9c
mount --make-rshared /
EOT

lxc file push rc.local $CONTAINER_NAME/etc/rc.local
lxc exec $CONTAINER_NAME chmod +x /etc/rc.local

# Add eth1 internet network interface
# lxc config device add $CONTAINER_NAME eth1 nic name=eth1 nictype=bridged parent=$BRIDGED_NAME

# Set static IP to eth1
# lxc exec $CONTAINER_NAME netplan generate
# sed "s/\${STATIC_IP}/$STATIC_IP/g" assets/11-eth1-template.yaml > 11-eth1-$CONTAINER_NAME.yaml
# lxc file push 11-eth1-$CONTAINER_NAME.yaml $CONTAINER_NAME/etc/netplan/11-eth1.yaml
# lxc exec $CONTAINER_NAME netplan apply

# Change sources.list to
# lxc file push assets/kku-sources.list $CONTAINER_NAME/etc/apt/sources.list

# lxc restart $CONTAINER_NAME

lxc exec $CONTAINER_NAME apt update && apt upgrade -y && apt install -y

lxc restart $CONTAINER_NAME

# Optional (Run inside container)
# apt install -y rsync ssh nano locales landscape-common rsyslog
# adduser username
# adduser username sudo