User:StefanLangenmaier/Poor man's Cluster/Host

Host
As a host Gentoo with the following features will be used:


 * lxc/docker
 * btrfs
 * kexec
 * dd-client (dyndns)
 * ntp-client
 * iptables
 * libvirtd
 * sshd
 * dmcrypt

SSHD
Only certificate based login

iptables
libvirtd creates the nat network for the containers. To forward an external port to lxc container behind a nat network.

iptables -I FORWARD -d 192.168.122.71/32 -p tcp -m state --state NEW -m tcp --dport 9091 -j ACCEPT iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9091 -j DNAT --to 192.168.122.71:9091
 * 1) once for each port that should be forwarded


 * http://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections
 * Iptables
 * http://serverfault.com/questions/170079/forwarding-ports-to-guests-in-libvirt-kvm/170641#170641