Appliance category: 

TurnKey LXC LinuX Containers

- 1 host, multiple TurnKey apps

TurnKey LXC simplifies downloading and deploying multiple TurnKey apps side-by-side on the same host in securely isolated lightweight containers while handling tricky details such as network routing. LXC (AKA LinuX Containers) is the rising star lightweight virtualization technology that powers Docker and other next generation software deployment platforms.

Stable version: 14.1 (changelog)

This appliance includes all the standard features in TurnKey Core, and on top of that:

  • Includes TurnKey LXC template:
    • Download and create a container of any TurnKey appliance.
    • Insert specified inithooks.conf into container for preseeding.
    • Supports configuration of network link (e.g., br0, natbr0, none).
    • Supports configuration of apt proxy.
    • Verifies GPG signatures when available
    • Wrapper for lxc-destroy cleans up after container is removed
    • Supports LVM on TurnKey's default volume group 'turnkey'
    • Allows TurnKey Ansible appliance to manage LXC containers
    • Generic enough to be used on any LXC enabled distribution.
  • Easily expose NAT containers services:
    • nginx-proxy: Expose a containers web services to the network by creating an nginx site configuration to proxy all web requests (ports 80, 443, 12320, 12321, 12322) destined for a specific domain to the container on the corresponding ports.
    • iptables-nat: Expose a containers non-web (e.g., SSH) service to the network by configuring iptables on the host to forward the traffic it receives on port X to the container on port Y.
  • LXC appliance configurations:
    • Preconfigured network bridge interface (br0).
    • Preconfigured network NAT bridge interface (natbr0).
    • Preconfigured dnsmasq on natbr0 providing DHCP and DNS services. Containers can be referenced by hostname or hostname.local.lxc
    • Includes apt-cacher-ng, binding to natbr0 interface.
    • Includes TurnKey web control panel (convenience).
    • Includes example inithooks configuration for preseeding (convenience).
    • IP forwarding and control groups enabled.
  • LXC limitations:
    • The LXC appliance cannot run in nested mode i.e. within an LXC container without additional configuration. This mode is not recommended for production systems because of security concerns.

See the Usage documentation for further details.

Usage details & Logging in for Administration

No default passwords: For security reasons there are no default passwords. All passwords are set at system initialization time.

Ignore SSL browser warning: browsers don't like self-signed SSL certificates, but this is the only kind that can be generated automatically without paying a commercial Certificate Authority.

Username for OS system administration:

Login as root except on AWS marketplace which uses username admin.

  1. Point your browser to:
  2. Login with SSH client:
    ssh root@12.34.56.789
    

    Special case for AWS marketplace:

    ssh admin@12.34.56.789
    

* Replace 12.34.56.789 with a valid IP or hostname.