Author: matthew

These instructions assume you already have docker installed on your computer. LXDWARE provides a Dockerfile in the source code of the LXD dashboard allowing you to easily build your own Docker image locally.

First download the source code. We will assume you already have git installed on your computer and will use git to download the source code. You can also download the source code directly from GitHub’s web interface. To download the source code use the following command:

$ git clone https://github.com/lxdware/lxd-dashboard.git

Now change your directory to be located inside the lxd-dashboard folder. Use the command:

 $ cd lxd-dashboard

To build the docker image use the following command (don’t forget the period at the end):

$ docker build -t lxdware/dashboard:latest .

You can now use the docker run command to setup and start the docker container:

$ docker run -d --name lxd-dashboard -p 80:80 -v ~/lxdware:/var/lxdware --restart=always lxdware/dashboard:latest

These instructions assume you already have docker installed on your computer. The official LXD dashboard by LXDWARE image is available on Docker Hub and can be setup on your local computer with a single command.

The docker image listens on port 80 (HTTP) to display the web-based dashboard interface. If you have network access to the IP address of your docker container, you can use that to display the dashboard. However, in this set of instructions, port 80 on your computer will be used to forward traffic to port 80 on the container. The port that your host listens on can be changed.

As with all docker containers, persistent storage needs to be configured to allow data to remain throughout restarts of your container. The dashboard uses /var/lxdware for persistent data within the container. This can be bound to any directory location on your computer. For this set of installation instructions, ~/lxdware will be used as a bind mount location on your computer.

Version 2.x.x is a multi-user application and user accounts are now stored within the container’s database. To deploy version 2.x.x docker images of LXDWARE use the following command:

$ docker run -d --name lxd-dashboard -p 80:80 -v ~/lxdware:/var/lxdware --restart=always lxdware/dashboard:latest

With version 1.x.x images, the default username for the dashboard is admin. You can set your password by using the environmental variable when first running your container. If you do not set a variable, the default password is lxdware. It is recommended that you change the ADMIN_PASS value to a secure passphrase. For version 1.x.x images use the command:

$ docker run -d --name lxd-dashboard -p 80:80 -e ADMIN_PASS="lxdware" -v ~/lxdware:/var/lxdware --restart=always lxdware/dashboard:1.2.8

A newer version of this guide now exists for version 2.x.x here

This how-to guide will take you through the installation steps to run the LXD dashboard in an LXC container on your system. This guide will assume that your system already has LXD installed and configured.

Start by launching a new instance using the official Ubuntu 20.04 image. To launch the new instance and name it lxd-dashboard use the following command:

$ lxc launch ubuntu:20.04 lxd-dashboard

This will create a base container to use to install the LXD dashboard. Once the command finishes the container should be running. Now it is time to connect into the container and setup the software. Use the following command to obtain a bash shell connection to the instance, use the exit command at anytime to leave the shell:

$ lxc exec lxd-dashboard /bin/bash

The following commands will now be run inside the lxd-dashboard container. Verify that the terminal prompt reads root@lxd-dashboard:~# before installing any software. The LXD dashboard uses Nginx and PHP for the webserver platform and SQLite as a database to store remote lxd and simplestreams host connections. To install these packages use the following command:

$ apt update && apt install apache2-utils nginx php-fpm sqlite3 php-sqlite3 curl -y 

The web server connects through the REST API of remote LXD servers using curl. To allow the www-data user privileges to execute curl, run the following command:

$ echo "www-data ALL=(ALL) NOPASSWD: /usr/bin/curl" >> /etc/sudoers

Using wget, the source code for the LXD dashboard can be downloaded from the GitHub repository. For this guide the v1.2.8 release will be used. Check for newer versions on the GitHub page and replace the version number with the latest. To download and extract the source code use the following two commands:

$ wget https://github.com/lxdware/lxd-dashboard/archive/v1.2.8.tar.gz
 $ tar -xzf v1.2.8.tar.gz

A few web server files will need to moved into place for the web pages as well as the NGINX configuration. To copy these files use the following commands, making sure to change the version number to what was downloaded:

$ cp -a lxd-dashboard-1.2.8/default /etc/nginx/sites-available/
 $ cp -a lxd-dashboard-1.2.8/index.html /var/www/html/
 $ cp -a lxd-dashboard-1.2.8/admin /var/www/html/

The LXD dashboard uses an encrypted password for the admin user by echoing and piping the password to htpasswd. Be sure to use a secure password for the admin user by changing lxdware in the command below. The command can be run at anytime to change the admin password. To set the admin password use the following command:

$ echo lxdware | htpasswd -c -i /etc/nginx/.htpasswd admin

Secure connections made from the LXD dashboard to LXD host servers are made using certificates. A certificate will need to be generated and placed in the /var/lxdware/data/lxd directory to make it available to the web server. The LXD certificate is generated after an attempt to connect to a remote host. Connecting to localhost will fail, but also generate the needed certificate, so don’t be alarmed if you see Error: Get “https://localhost:8443”: Unable to connect to: localhost:8443 when running the command. Use the following commands to create the /var/lxdware/data/lxd/ directory and certificates and then copy the certificate information to the directory:

$ lxc remote add localhost
 $ mkdir -p /var/lxdware/data/lxd
 $ cp -a $HOME/snap/lxd/current/.config/lxc/client.crt /var/lxdware/data/lxd/client.crt
 $ cp -a $HOME/snap/lxd/current/.config/lxc/client.key /var/lxdware/data/lxd/client.key

Now it is time to setup the SQLite database used to store connection information for remote hosts as well as for simplestreams servers. The database will be located in the new directory /var/lxdware/data/sqlite/ and will contain two tables. To create the directory and setup the database tables use the following commands:

$ mkdir -p /var/lxdware/data/sqlite

 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "CREATE TABLE IF NOT EXISTS lxd_hosts (id INTEGER PRIMARY KEY AUTOINCREMENT, host TEXT NOT NULL, port INTEGER NOT NULL, alias TEXT, protocol TEXT);"
 
 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "CREATE TABLE IF NOT EXISTS lxd_simplestreams (id INTEGER PRIMARY KEY AUTOINCREMENT, host TEXT NOT NULL, alias TEXT, protocol TEXT);"
 
 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "INSERT INTO lxd_simplestreams (host, alias, protocol) VALUES ('https://images.linuxcontainers.org', 'images', 'simplestreams');"
 
 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "INSERT INTO lxd_simplestreams (host, alias, protocol) VALUES ('https://cloud-images.ubuntu.com/releases', 'ubuntu', 'simplestreams');"
 
 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "INSERT INTO lxd_simplestreams (host, alias, protocol) VALUES ('https://cloud-images.ubuntu.com/daily', 'ubuntu-daily', 'simplestreams');"

Starting in version 1.2.6, local backups on instances can now be imported locally to the /var/lxdware/backups directory. You will need to create this directory.

$ mkdir /var/lxdware/backups

The /var/www/html/ directory, the /var/lxdware/data/sqlite/ directory, and the /var/lxdware/backups directory will all need to owned by the www-data user. To set the proper permissions run the following commands:

$ chown -R www-data:www-data /var/lxdware/data/sqlite
 $ chown -R www-data:www-data /var/lxdware/backups
 $ chown -R www-data:www-data /var/www/html

The NGINX web server will need to be restarted to apply the web server configuration changes made above. To restart the web server run the following command:

$ systemctl restart nginx

It would be good practice to clear the history of the bash commands so that the password used for the login credentials can not be retrieved through bash history. To clear the history run the following command:

$ history -c

Congratulations! The container is now setup with the LXD dashboard software. Exit from the bash terminal and return to your LXD host server by using the command:

$ exit

Open a web browser and access the LXD dashboard by entering in the IP address of the instance. Use the lxc list command to view a list of the containers and their IP addresses on your LXD server.

Optional Port Forward Configuration

Port forwarding can be used to make the lxd-dashboard instance accessible to others computers outside of the server. The lxd-dashboard listens on port 80 for web traffic. In this how-to guide the host’s port 80 will be forwarded to the instance’s port 80. For more information on port forwarding view the how-to guide Forwarding host ports to LXD instances.

To create a new profile named proxy-port-80 use the following command:

$ lxc profile create proxy-port-80

To configure the profile to forward the port 80 from the host server to port 80 on the instance, use the following command:

$ lxc profile device add proxy-port-80 hostport80 proxy connect="tcp:127.0.0.1:8080" listen="tcp:0.0.0.0:80"

To apply the newly created profile to the lxd-dashboard instance and begin forwarding port 80 traffic to your instance run the following command:

$ lxc profile add lxd-dashboard proxy-port-80

Open a web browser and access the LXD dashboard by entering in the IP address of the host server.

With other containerization technologies such as Docker, persistent volumes (or bind mounts) are common as the container’s life span is often short lived. With LXD instances, the containers live beyond the life of a single process and the demand for persistent storage is not as critical. With that said, there are many use cases for wanting persistent storage within your LXD instance. In this post we will examine how to create persistent storage by mounting a directory on the LXD host server into an instance.

We will create a new profile with the persistent storage settings and then apply that profile to an instance. Let’s call the new profile volume-demo-data. It can be named whatever you want but it’s good practice to name it something meaningful. We will be using a directory on the host server located at /demo/data as our persistent storage location. To create the new profile run the following command:

$ lxc profile create volume-demo-data

We now have an empty profile without any configurations. To get a list of the profiles you have on your LXD server and see the newly created volume-demo-data profile, run the following command:

$ lxc profile list
+---------------------+---------+
|    NAME             | USED BY |
+---------------------+---------+
| default             | 2       |
+---------------------+---------+
| volume-demo-data    | 0       |
+---------------------+---------+

We will need a directory on the host that can be used for persistent storage. For this post, we will create a new directory located at /demo/data. To create the new directories use the following command:

$ sudo mkdir -p /demo/data

The new profile now can be modified to include a disk device that mounts the /demo/data directory (source) to a location within the instance (path). We can choose to edit the profile directly using an editor (lxc profile edit volume-demo-data) or add a new disk device using the command-line.

Choosing the later option, we can create a new device named host-data that uses the host’s directory /demo/data, mounted within the instance at /var/demo/data, by running the following command:

$ lxc profile device add volume-demo-data host-data disk source=/demo/data path=/var/demo/data

To view the contents of the profile use the following command:

$ lxc profile show volume-demo-data
config: {}
description: ""
devices:
  host-data:
    path: /var/demo/data
    source: /demo/data
    type: disk
name: volume-demo-data
used_by: []

If you are launching a new instance you can use the –profile option to add profiles to the instance as it is created. But if the instance already exists you will have to append the new profile to the instance. Let’s assume we have an instance named container1. To append the volume-demo-data profile to this instance use the following command:

$ lxc profile add container1 volume-demo-data

To show the applied configurations to your instance use the following command:

$ lxc config show container1 -e

The profile configuration can be removed from the instance. To remove the profile use the following command:

$ lxc profile remove container1 volume-demo-data

When you remove the profile from the instance, the profile still exists and can be used for other instances. If you want to permanently remove the profile it can be deleted with the following command:

$ lxc profile delete volume-demo-data

LXD instances can be be limited to the amount of CPU and Memory resources used by the host server. These limits can be set on each individual instance, or through the use of profiles. This how-to guide will create a profile establishing these limits and then will apply that profile to an instance. A single profile can be reused and applied to multiple instances.

We will call the new profile cpu2-memory4, naming it something that can easily identify it’s purpose. We will set the profile to limit the instance to 2 virtual CPUs and also 4 GB of memory. To create the new profile run the following command:

$ lxc profile create cpu2-memory4

We now have an empty profile without any configurations. To get a list of the profiles you have on your LXD server and see the newly created cpu2-memory4 profile, run the following command

$ lxc profile list
+---------------+---------+
|    NAME       | USED BY |
+---------------+---------+
| default       | 2       |
+---------------+---------+
| cpu2-memory4  | 0       |
+---------------+---------+

The new profile now can be modified to limit the CPU and memory usage. We can choose to edit the profile directly using an editor (lxc profile edit cpu2-memory4) or set limits using LXC based command-line options.

Choosing the later option, we can set both configuration limits at the same time with a single command. Let’s set the CPU limit to 2 virtual CPUs and the memory limit to 4GB of RAM by running the following command:

$ lxc profile set cpu2-memory4 limits.cpu=2 limits.memory=4GB

To view the contents of the profile use the following command:

$ lxc profile show cpu2-memory4
config:
  limits.cpu: "2"
  limits.memory: 4GB
description: ""
devices: {}
name: cpu2-memory4
used_by: []

If you are launching a new instance you can use the –-profile (or -p) option to add profiles to the instance as it is created. But if the instance already exists you will have to append the new profile to the instance. Let’s assume we have an instance named vm1. To append the cpu2-memory4 profile to this instance use the following command:

$ lxc profile add vm1 cpu2-memory4

To show the applied configuration to your instance use the following command:

$ lxc config show vm1 -e

The profile configuration can be removed from the instance. To remove the profile use the following command:

$ lxc profile remove vm1 cpu2-memory4

When you remove the profile from the instance, the profile still exists and can be used for other instances. If you want to permanently remove the profile it can be deleted with the following command:

$ lxc profile delete cpu2-memory4

LXD instances can be configured with networking interfaces connected to the same local area network (LAN) as their host server. This allow devices on the same external network as the host to communicate with an instance as if it were another device on their LAN.

The macvlan interface will need to connect through a networking interface on the host server. Using the ip addr command on the server, we can see a list of networking interfaces. I will choose to use the interface labeled eno1.

$ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether a4:ba:db:15:fe:22 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.2/24 brd 192.168.200.255 scope global eno1
       valid_lft forever preferred_lft forever

We need to create a new profile that creates a networking interface that uses macvlan. We will name it macvlan-eno1 to describe the purpose of the profile. To create the profile use the following command:

$ lxc profile create macvlan-eno1

The new profile now can be modified to include a new networking interface that will use eno1. The default profile used by instances already creates a device named eth0. For this how-to we will create a second interface for our instances named eth1. We can choose to edit the profile directly using an editor (lxc profile edit macvlan-eno1) or add a new network device using LXC command-line options.

Choosing the later option, we can create the new networking device within the profile and define our settings. The device will have to identify the parent networking interface card as well as define the type of interface. To create the new device run the following command:

$ lxc profile device add macvlan-eno1 eth1 nic nictype=macvlan parent=eno1

To view the contents of the profile we can run the command:

$ lxc profile show macvlan-eno1
config: {}
description: ""
devices:
  eth1:
    nictype: macvlan
    parent: eno1
    type: nic
name: macvlan-eno1
used_by: []

If you are launching a new instance you can use the –-profile (or -p) option to add profiles to the instance as it is created. But if the instance already exists you will have to append the new profile to the container. Let’s assume we have an instance named container1. To append the macvlan-eno1 profile to this instance use the following command:

$ lxc profile add container1 macvlan-eno1

To show the applied configuration use the following command:

$ lxc config show container1 -e

The profile configuration can be removed from the instance. To remove the profile use the following command:

$ lxc profile remove container1 macvlan-eno1

When you remove the profile from the instance, the profile still exists and can be used for other instances. If you want to permanently remove the profile it can be deleted with the following command:

$ lxc profile delete macvlan-eno1