Re: [lxc-users] Networking LXD containers
I found this article that describes several virtualization networking techniques in great detail. It is mostly based on the legacy lxc tools but was fairly easy for me to translate to the LXD tools. Hope it helps other networking dummies, like my self, that may be watching this mail list. http://containerops.org/2013/11/19/lxc-networking/ It really helped me to get a better understanding of what was taking place behind the scenes. ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Networking LXD containers
On 03/23/2016 03:15 PM, efersept wrote: > If I wanted to attach containers to a simple bridged interface and > give them IPs on my network would it be as simple as creating the > following entry in the container's config after the bridge was setup > on the host? That is how we are doing it. We created a profile for each bridge on the host and assigned them to the container, mapping a different "eth" in the container itself. It works well but we are also open for suggestions on alternative approaches. Regards CONFIDENTIALITY NOTICE: This email message (and any attachment) is intended only for the individual or entity to which it is addressed. The information in this email is confidential and may contain information that is legally privileged or exempt from disclosure under applicable law. If you are not the intended recipient, you are strictly prohibited from reading, using, publishing or disseminating such information and upon receipt, must permanently delete the original and destroy any copies. We take steps to protect against viruses and other defects but advise you to carry out your own checks and precautions as Kambi does not accept any liability for any which remain. Thank you for your co-operation. ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Networking LXD containers
After doing some homework on virtualization networking techniques and studying the contents of /usr/lib/x86_64-linux-gnu/lxc/lxc-net am I correct in deducing that the default lxc/lxd bridge (lxcbr0) is a NATed interface? If I wanted to attach containers to a simple bridged interface and give them IPs on my network would it be as simple as creating the following entry in the container's config after the bridge was setup on the host? devices: eth0: name: eth0 nictype: bridged parent: br0 type: nic Or is there some other configuration that would need to be done with lxc/lxd to accomplish this? ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Networking LXD containers
On Fri, Mar 11, 2016 at 3:12 PM, Kean Sum Ooi wrote: > Hi Steve, > > Do you mean LXC containers? On Ubuntu? @Kean: I think he means lxd, not lxc @Steve: I assume you use ubuntu host? Some info in https://help.ubuntu.com/lts/serverguide/lxc.html#lxc-network still apply. In particular, iptables forwarding is the easiest way to allow access to a port in your container. However if you use nested containers, and want outside hosts to reach all the nested containers, you'd probably need bridge: https://github.com/lxc/lxd/blob/master/specs/configuration.md#type-nic The outside container bridges host's eth0 (e.g. https://help.ubuntu.com/lts/serverguide/network-configuration.html#bridging), and then on that container you create a bridge which the inside container uses. Should work. -- Fajar ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Networking LXD containers
Hi Steve, Do you mean LXC containers? On Ubuntu? PS: https://wiki.debian.org/LXC/SimpleBridge http://askubuntu.com/questions/231666/how-do-i-setup-an-lxc-guest-so-that-it-gets-a-dhcp-address-so-i-can-access-it-on https://www.flockport.com/lxc-macvlan-networking/ There are at least two ways to do this. Bridging (container is visible from host) or macvlan (container is not visible from host). 1. Bridging On the host we bridge to eth0, edit /etc/network/interfaces: auto br0 iface br0 inet dhcp bridge_ports eth0 Restart the host. You should now see br0 with ifconfig. Next in the config file for your container (eg. for privileged mode by default it's in /var/lib/lxc//config) lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 # give a dummy hwaddr lxc.network.hwaddr = 00:16:3e:86:62:10 To get more information about the config file, PS: $ man lxc.container.conf Start up your container and it should be bridged to your LAN (so accessible from other nodes on your LAN). 2. macvlan On the host create the macvlan to your eth0 network interface. $ sudo ip link add mvlan0 link eth0 type macvlan mode bridge $ sudo ifconfig mvlan0 up The mvlan0 does not need an IPv4 address as it has a IPv6 address by default, but if you need to give it an IP address can try this: $ sudo dhclient -v mvlan0 You should see mvlan0 with ifconfig. Next in the config file for your container lxc.network.type = macvlan lxc.network.macvlan.mode = bridge lxc.network.flags = up lxc.network.link = mvlan0 # dummy hwaddr lxc.network.hwaddr = 00:16:4e:75:b0:ca lxc.network.mtu = 1500 # Get mask and broadcast address from "ifconfig eth0" lxc.network.ipv4 = 192.168.10.50/24 192.168.10.255 # Get gateway from "route -n" lxc.network.ipv4.gateway = 192.168.10.254 Start up your container and it should be bridged to your LAN (so accessible from other nodes on your LAN but now since it's macvlan not from the host). Hope it helps. Thanks ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
