This guide assumes that you already have a vanilla LXC prepared – for our purposes, it is called ‘galera-template’ with an ID 120 (it runs Debian 13 – Trixie). Have you not created a container before? Here is a guide on how you can create your own without relying on outdated ready-made templates!
What is the plan?
- To save us work, we will update the LXC to the newest version, install services such as Maria DB that we will need on it without necessarily configuring them in detail.
- We will then turn the container into a template and create additional nodes from it.
- We will leave the network settings on DHCP and use our firewall (OPNsense in my case) to set up a static lease for each container later on. If you want to have a static assignment set on the VM, then keep in mind to use your firewall as the gateway (ideally the gateway is deployed with HA as well and the gateway IP is the virtual CARP IP).
# Start the LXC if not already running pct start 120 # Log into its shell pct enter 120 # Perform a system update & upgrade, followed by clean up of older packages. apt update && apt upgrade apt upgrade apt -y apt autoremove # Install prerequisite packages sudo apt install -y dirmngr ca-certificates apt-transport-https curl # Donwload and install a combo of MariaDB server + client + galera with a backup client + firewall + ssh + cron apt install mariadb-server mariadb-client mariadb-backup galera-4 rsync nano ssh ufw cron fail2ban ncdu -y
- In case you are still using a root account, let’s create another user that we can use instead:
# Create a user adduser <username> # Add the user into the list of admins usermod -aG sudo jan # Switch into that user su jan