On 01/12/2016 08:43 AM, Peter Steele wrote:

On 01/12/2016 06:35 AM, brian mullan wrote:

Peter

On AWS unless you are using VPC I don't think
you can use secondary addresses because AWS won't
route any of that traffic.  Also with your
addresses routing would be affected by the
split-horizon problem with the same network on 2
sides.

...

I install PeerVPN (www.peervpn.net <http://www.peervpn.net>)
on my AWS servers to support inter-server LXC
communications.   It's dead simple to set up, it's
auto-learning & full mesh VPN and you can then
interconnect not only LXC on multiple AWS servers but on
different Clouds like AWS & Digital Ocean and/or your
own servers at home/office.

It also doesn't require firewall changes beyond what you
already use.

Flockport did a nice
writeup on how to install/use PeerVPN <https://www.flockport.com/build-layer2-and-layer-3-overlay-networks-with-peervpn/> also.
Maybe that will help.

Brian, thanks for this pointer. It looks like this is what
we'll need to solve our networking issues. However, I followed
through Flockport's L2 example and configured
peervpn on my two EC2 hosts but I still cannot ping containers
across hosts. If I could indulge on your expertise I'd appreciate
some pointers.
...
The output from peervpn on host 2 also shows that one peer
has connected, so it appears that my configuration is correct. Is
there something else that's needed on the containers? The
container IPs are all statically assigned and I don't need DHCP/dnsmasq
support.

Any advice would be appreciated.

I believe I solved the issue. I executed the command

ip link set dev peervpn0 master br0

on each host and I can now ping across my containers.

Thanks very much for pointing me to this tool. It never came up in any of the searches I did about networking between containers in EC2.

Peter

_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
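
An added example, not part of the original thread: a shell script that checks whether the PeerVPN tap is already a port of the container bridge before running the `ip link set dev peervpn0 master br0` command from Peter's message, and refuses to move it if it belongs to a different bridge. The function names and the two sample `ip -o link show` lines are constructed for illustration; `peervpn0` and `br0` are the names used in the thread.

```shell
#!/bin/sh
# Added example: idempotent "is the VPN tap bridged?" check.
# Function names are hypothetical; sample lines below are constructed.

# Print the master (bridge) named in one line of `ip -o link show` output,
# or print nothing if the interface is not a port of any bridge.
master_of() {
    printf '%s\n' "$1" | awk '{
        for (i = 1; i < NF; i++)
            if ($i == "master") { print $(i + 1); exit }
    }'
}

# Given an `ip -o link show` line and the wanted bridge, print one of:
#   ok | attach | conflict:<other-bridge>
bridge_action() {
    current=$(master_of "$1")
    if [ -z "$current" ]; then
        echo attach
    elif [ "$current" = "$2" ]; then
        echo ok
    else
        echo "conflict:$current"
    fi
}

# $1 = interface, $2 = bridge. Needs root and a real host to change anything.
ensure_bridged() {
    line=$(ip -o link show dev "$1") || return 1
    case $(bridge_action "$line" "$2") in
        ok)         echo "$1 is already a port of $2" ;;
        attach)     ip link set dev "$1" master "$2" && echo "$1 attached to $2" ;;
        conflict:*) echo "$1 is a port of another bridge; leaving it alone" >&2
                    return 2 ;;
    esac
}

# Constructed sample input: the tap before and after the command in the thread.
SAMPLE_FREE='5: peervpn0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN mode DEFAULT group default qlen 500\    link/ether 02:00:00:00:00:01 brd ff:ff:ff:ff:ff:ff'
SAMPLE_BRIDGED='5: peervpn0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN mode DEFAULT group default qlen 500\    link/ether 02:00:00:00:00:01 brd ff:ff:ff:ff:ff:ff'

# Usage on a host: sh this-script peervpn0 br0
if [ "$#" -eq 2 ]; then
    ensure_bridged "$1" "$2"
fi
```

The `ip link set ... master` change is not persistent, so it has to be reapplied after a reboot or whenever the `peervpn0` interface is recreated.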
