Posted on 11 Comments

Installing the LXD dashboard in an LXC container – v1.x.x

A newer version of this guide now exists for version 2.x.x here

This how-to guide will take you through the installation steps to run the LXD dashboard in an LXC container on your system. This guide will assume that your system already has LXD installed and configured.

Start by launching a new instance using the official Ubuntu 20.04 image. To launch the new instance and name it lxd-dashboard use the following command:

$ lxc launch ubuntu:20.04 lxd-dashboard

This will create a base container to use to install the LXD dashboard. Once the command finishes the container should be running. Now it is time to connect into the container and setup the software. Use the following command to obtain a bash shell connection to the instance, use the exit command at anytime to leave the shell:

$ lxc exec lxd-dashboard /bin/bash

The following commands will now be run inside the lxd-dashboard container. Verify that the terminal prompt reads root@lxd-dashboard:~# before installing any software. The LXD dashboard uses Nginx and PHP for the webserver platform and SQLite as a database to store remote lxd and simplestreams host connections. To install these packages use the following command:

$ apt update && apt install apache2-utils nginx php-fpm sqlite3 php-sqlite3 curl -y 

The web server connects through the REST API of remote LXD servers using curl. To allow the www-data user privileges to execute curl, run the following command:

$ echo "www-data ALL=(ALL) NOPASSWD: /usr/bin/curl" >> /etc/sudoers

Using wget, the source code for the LXD dashboard can be downloaded from the GitHub repository. For this guide the v1.2.8 release will be used. Check for newer versions on the GitHub page and replace the version number with the latest. To download and extract the source code use the following two commands:

$ wget https://github.com/lxdware/lxd-dashboard/archive/v1.2.8.tar.gz
 $ tar -xzf v1.2.8.tar.gz

A few web server files will need to moved into place for the web pages as well as the NGINX configuration. To copy these files use the following commands, making sure to change the version number to what was downloaded:

$ cp -a lxd-dashboard-1.2.8/default /etc/nginx/sites-available/
 $ cp -a lxd-dashboard-1.2.8/index.html /var/www/html/
 $ cp -a lxd-dashboard-1.2.8/admin /var/www/html/

The LXD dashboard uses an encrypted password for the admin user by echoing and piping the password to htpasswd. Be sure to use a secure password for the admin user by changing lxdware in the command below. The command can be run at anytime to change the admin password. To set the admin password use the following command:

$ echo lxdware | htpasswd -c -i /etc/nginx/.htpasswd admin

Secure connections made from the LXD dashboard to LXD host servers are made using certificates. A certificate will need to be generated and placed in the /var/lxdware/data/lxd directory to make it available to the web server. The LXD certificate is generated after an attempt to connect to a remote host. Connecting to localhost will fail, but also generate the needed certificate, so don’t be alarmed if you see Error: Get “https://localhost:8443”: Unable to connect to: localhost:8443 when running the command. Use the following commands to create the /var/lxdware/data/lxd/ directory and certificates and then copy the certificate information to the directory:

$ lxc remote add localhost
 $ mkdir -p /var/lxdware/data/lxd
 $ cp -a $HOME/snap/lxd/current/.config/lxc/client.crt /var/lxdware/data/lxd/client.crt
 $ cp -a $HOME/snap/lxd/current/.config/lxc/client.key /var/lxdware/data/lxd/client.key

Now it is time to setup the SQLite database used to store connection information for remote hosts as well as for simplestreams servers. The database will be located in the new directory /var/lxdware/data/sqlite/ and will contain two tables. To create the directory and setup the database tables use the following commands:

$ mkdir -p /var/lxdware/data/sqlite

 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "CREATE TABLE IF NOT EXISTS lxd_hosts (id INTEGER PRIMARY KEY AUTOINCREMENT, host TEXT NOT NULL, port INTEGER NOT NULL, alias TEXT, protocol TEXT);"
 
 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "CREATE TABLE IF NOT EXISTS lxd_simplestreams (id INTEGER PRIMARY KEY AUTOINCREMENT, host TEXT NOT NULL, alias TEXT, protocol TEXT);"
 
 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "INSERT INTO lxd_simplestreams (host, alias, protocol) VALUES ('https://images.linuxcontainers.org', 'images', 'simplestreams');"
 
 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "INSERT INTO lxd_simplestreams (host, alias, protocol) VALUES ('https://cloud-images.ubuntu.com/releases', 'ubuntu', 'simplestreams');"
 
 $ sqlite3 /var/lxdware/data/sqlite/lxdware.sqlite "INSERT INTO lxd_simplestreams (host, alias, protocol) VALUES ('https://cloud-images.ubuntu.com/daily', 'ubuntu-daily', 'simplestreams');"

Starting in version 1.2.6, local backups on instances can now be imported locally to the /var/lxdware/backups directory. You will need to create this directory.

$ mkdir /var/lxdware/backups

The /var/www/html/ directory, the /var/lxdware/data/sqlite/ directory, and the /var/lxdware/backups directory will all need to owned by the www-data user. To set the proper permissions run the following commands:

$ chown -R www-data:www-data /var/lxdware/data/sqlite
 $ chown -R www-data:www-data /var/lxdware/backups
 $ chown -R www-data:www-data /var/www/html

The NGINX web server will need to be restarted to apply the web server configuration changes made above. To restart the web server run the following command:

$ systemctl restart nginx

It would be good practice to clear the history of the bash commands so that the password used for the login credentials can not be retrieved through bash history. To clear the history run the following command:

$ history -c

Congratulations! The container is now setup with the LXD dashboard software. Exit from the bash terminal and return to your LXD host server by using the command:

$ exit

Open a web browser and access the LXD dashboard by entering in the IP address of the instance. Use the lxc list command to view a list of the containers and their IP addresses on your LXD server.

Optional Port Forward Configuration

Port forwarding can be used to make the lxd-dashboard instance accessible to others computers outside of the server. The lxd-dashboard listens on port 80 for web traffic. In this how-to guide the host’s port 80 will be forwarded to the instance’s port 80. For more information on port forwarding view the how-to guide Forwarding host ports to LXD instances.

To create a new profile named proxy-port-80 use the following command:

$ lxc profile create proxy-port-80

To configure the profile to forward the port 80 from the host server to port 80 on the instance, use the following command:

$ lxc profile device add proxy-port-80 hostport80 proxy connect="tcp:127.0.0.1:8080" listen="tcp:0.0.0.0:80"

To apply the newly created profile to the lxd-dashboard instance and begin forwarding port 80 traffic to your instance run the following command:

$ lxc profile add lxd-dashboard proxy-port-80

Open a web browser and access the LXD dashboard by entering in the IP address of the host server.

11 thoughts on “Installing the LXD dashboard in an LXC container – v1.x.x

  1. Hello!

    Very nice and clear documentation! I was following it but had some issues in this part:

    $ lxc remote add localhost
    bash: lxc: command not found

    $ mkdir -p /var/lxdware/data/lxd

    $ cp -a $HOME/snap/lxd/current/.config/lxc/client.crt /var/lxdware/data/lxd/client.crt
    cp: cannot stat ‘/root/snap/lxd/current/.config/lxc/client.crt’: No such file or directory

    $ cp -a $HOME/snap/lxd/current/.config/lxc/client.key /var/lxdware/data/lxd/client.key

    I am running everything in a VM for testing…

    1. I suspect your VM may not already have the lxc utility installed by default. Try which lxc to see if it returns a path for the lxc binary. If not, you can install in on Ubuntu using sudo snap install lxd

      1. Thank you for the fast reply and sorry for my delay in answering. Now the whole process worked fine and I think I just did 2 things differently:
        1- in my host, when initializing the lxd, I selected clustering.
        2- inside the container, the first thing I run was a snap refresh.
        Probably number 2 fixed it, as there were updates to the snap.
        I really liked the dashboard, very clean and easy to use!

        1. Thanks Carlo for the good feedback on the dashboard and sharing your fix. I think it was the snap refresh command that did it too.

  2. Hello Matthew,
    wow! very nice project. I had the (somehow) same issue like Carlo. I have tested everything into a VM. The host is a debian 9 and I moved the storage of LXD on another drive. When I move in production, I want my containers to have their own dedicated storage. So ldx-dashboard is located (relative to the host root) on /Storage/lxc/containers/ldx-dashboard
    I’ve copyed/paste certificate files to /Storage/lxc/containers/ldx-dashboard/rootfs/var/lxdware/data/lxd
    At the first try did not work. I think because of the ownership of certificate files nobody:nogroup.
    I resolved by connecting into lxc exec ldx-dashboard bash and I create the files (client.crt and client.key) as root.
    Maybe this will help another newbies into LXD world.

  3. Hi Matthew,

    Thanks for your awesome work.
    I just tried to install it in a linux container with the steps in this page. However, once I logged in, the following warning message keep showing “DataTables warning: table id=lxdListTable – Ajax error. For more information about this error, please see http://datatables.net/tn/7
    Did I miss something?

    1. What version of the software are you using? I did have that issue with a new install earlier because the initial table was not populated with data.

    2. Also, the way the current version is written, if PHP can’t connect to the database, that error would occur.

  4. Very nice! install intructioons were clear and the gui is quite slick.

    Might want to mention the (?) instructions for adding the client cert to the host when adding a host, that confounded me for a little bit.

    1. nb. I have lxd-dashboard running with a bridge profile, so it has an accessible LAN IP, no need for the port forwarding with that.

    2. That is a great idea. I will do that.

Leave a Reply to Lindsay Cancel reply

Your email address will not be published. Required fields are marked *