I have Docker installed in a Debian LXC container on my Proxmox host. I want to utilise Proxmox's firewall on that container to improve the security of my setup.
- Proxmox - 10.5.0.64
  - Unprivileged LXC - 10.5.0.66
    - Docker
      - Container - 10.5.0.57 (macvlan bound to eth0)
I appreciate this is a fairly complex setup that maybe isn't going to work, but maybe it's just a bug in Proxmox? The fact it's all perfectly functional until I enable the firewall tells me it's probably the latter.
Where do I start to look to debug this? For now, and to keep things running, I've stopped using the macvlan and have instead mounted an additional interface to the LXC. Because Docker doesn't allow you to bind its bridges to particular interfaces I've had to instead use a port mapping of "10.5.0.67:32400:32400". This is working (with the firewall on) but is not what I really want as the container (Plex) has a whole bunch of other ports that probably need exposing and I don't want to do each of those by hand.