Friday, December 19, 2014

Wordpress and LAMP in an LXC Container


I need to test some html running in Wordpress.
But I don't use Wordpress...obviously.

In Linux, that's easy to fix. Just install Wordpress.
Oops, not so easy: Wordpress pulls in an entire LAMP stack with it.
That's a lot to pollute my laptop with just to do some testing.

Containers to the rescue!
Let's spin up a container, install LAMP and Wordpress inside it, run the tests, then destroy the container.


The Router

I'm going to open a whole new port on my router's firewall for this, so others can help me test.

On the router, I want to forward port 112233 to the similar port on the server.

On the server, I want to forward port 112233 to the container's port 80. (That part is later)

Creating the container

Thanks the the amazing Stephane Graber for his detailed instructional series on how to create and use a container This is a slightly different setup than he did. Instead of installing directly on, say, a laptop, I'm installing the container onto a server that I access via ssh.

Three moving pieces: Laptop (me), Server (headless), Container (added to server)

So, from Laptop, I ssh into Server normally.

sudo apt-get install lxc               # Install the container system
sudo lxc-create -t ubuntu-cloud -n c1  # Download and install a 195MB cloud image of Ubuntu 14.10
sudo lxc-start -n wp1 -d               # Boot the image in the background (name is 'wp1')
sudo lxc-info -n wp1                   # Discover the IP of the image
    Name:           c1
    State:          RUNNING
    IP:            # <-- Ooh, there is the IP
ping                        # Check network connectivity on the container
    PING ( 56(84) bytes of data.
    64 bytes from icmp_seq=1 ttl=64 time=0.081 ms
    64 bytes from icmp_seq=2 ttl=64 time=0.085 ms

# Forward port 112233 to the container
sudo iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 112233 -j DNAT --to-destination
sudo iptables -A FORWARD -p tcp -d --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Set up LAMP and Wordpress within the container

The container is installed, started, and responds to ping.

sudo lxc-console -n wp1    # Login to the console of wp1 (username: ubuntu, password: ubuntu)

A couple words about the container.
I'm going to skip the part where you would delete the 'ubuntu' user and add your own admin user and password. But you should do it.
Also, two pieces of information you should have handy before going farther.
  1. Server's IP address on the LAN (mine is
  2. The real, fully qualified domain name ( that readers on the internet will use
The FQDN will be used to generate the MySQL account for the blog, and the create the wordpress config file. The LAN address will be used to link to the same accounts.

Special thanks to the Ubuntu community for putting together this fantastic tutorial about how to install wordpress in Ubuntu.

sudo apt-get install mysql-server wordpress   # 49 packages, 28MB download

Let's jump over to Laptop for a moment and check that Server's port forwarding and Container's apache service are working: Open a browser window, and look for You should get the apache default page. Success! Okay, now back to Container:

sudo ln -s /usr/share/wordpress /var/www/html/wordpress   # Make Wordpress accessible from apache

# Create mysql account, and link it to Wordpress
sudo gzip -d /usr/share/doc/wordpress/examples/setup-mysql.gz
sudo bash /usr/share/doc/wordpress/examples/setup-mysql -n freds_blog_fred_com  

# Prevent a Wordpress error (can't locate config file) from within the LAN
# by linking the LAN addr to existing FQDN config file
sudo ln /etc/wordpress/ /etc/wordpress/config-

<ctrl+a, q> to exit the console

Use Wordpress

The setup is complete. Since I'm on my LAN, I point my Laptop browser to and I get the Wordpress setup screen.

Outside, on the big wide internet, I would point it to (er, that's an example - you already know that's not my real blog).

Wordpress is ready for my data.

          Bye, Container!

Destroying the container

This is one of the true joys of LXC

sudo lxc-stop -n wp1
sudo lxc-destroy -n wp1

And all the work is wiped out forever....

Remember to clean up:
  • Uninstall lxc from the server
  • Delete the iptables rules on the server
  • Close the port on the router firewall

No comments: