Its much easier to just start using ipv6 once you start assigning interfaces to VMs and lxc boxes.

Although there are still a few services on ipv4 only. Github I am looking at you.

It's a pretty easy thing to do with libvirt. I usually create a nginx vhost that routes websites to different virtual machines.

These virtual machines usually run one application are managed by puppet and are sometimes located on different subnets.

I believe Docker creates a bridge network as well for LXC

The network setup graphic here is misleading in that the actual delineation between the network resources on the guest and host is something that occurs through network namespaces, and has nothing to do with the IP addressing pictured.

The bridge layer here is dubious. The author routes from that elsewhere at layer3 using iptables, though in practice other people often join a real network interface to the same bridge as guests to grant external connectivity, resulting in a proxy-ARP type situation. In IMHO there's little point in using bridges in either case ... it's better to just do iptables from the guest veth interface directly. Why? Unexpected Layer2 interactions at the bridging device, either between host and guest or between multiple guests are avoided. In addition, uptime is instant versus sometimes delayed (depending upon spanning tree configuration and other such ancient ethernetty-cruft). Finally, by keeping in-container connectivity assumptions at layer 3 you ensure greater portability to alternative virtualization platforms and/or cloud-based providers.

In short, great to see more people experimenting with LXC, but consider not doing the connectivity this way.