Hi Team,
This is becoming quite exciting. Today, I discovered that incus has an image for OpenWRT (Linux firewall). Because openwrt is linux, there exists a package for netbird (network overlay). Note that I have not tested this package yet.
The three combined (incus+openwrt+netbird) means that you can:
- fire up an OpenWRT incus image
- install the netbird package into openwrt
- fire up as many incus containers as you wish (not including the netbird client)
- configure netbird to advertise routes on behalf of your incus containers/services
- backup all your configurations using rsync (rsync.net)
Everything seems to be fitting nicely together…
This question/statement is for people smarter than me…
I wonder if we can create a small/hardened incus cluster to act as both the local virtualization and router… If we can, this means small to medium organizations can purchase a standard hardware package that performs many of the standard local services and connects to the larger/global netbird network overlay.
References:
- Help from Incus/Stéphane
- Good openwrt cli reference
Getting started:
incus launch images:openwrt/23.05 openwrt-delme-01
incus exec openwrt-delme-01 -- nft flush ruleset
incus list openwrt-delme-01
Open browser and connect to the ip listed in the ‘incus list’ command.
Note the ‘flush ruleset’ is needed to allow viewing in browser because of how incus installs openwrt (see above help from Stéphane). Also note that you need to add back the appropriate firewall rules to lock down the firewall.
This is quite exciting!
Chuck