<div dir="ltr"><div></div><div class="markdown-here-wrapper" id="markdown-here-wrapper-304678" style><p style="margin:1.2em 0px!important">Thank you for your detailed explanation. I've finally found out what the problem was, it was related to iptable rules being too strict for the container to retrieve an IP address. I don't know how to solve this, or which rule causes this, but for completeness sake, here are my iptable rules:</p>
<pre style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em;line-height:1.2em;overflow:auto;margin:1.2em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline;white-space:pre;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;border:1px solid rgb(204,204,204);padding:0.5em 0.7em;display:block;padding:0.5em;color:rgb(51,51,51);background-color:rgb(248,248,255);background-repeat:initial initial">root@ip-10-33-165-95:~# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
system all -- anywhere anywhere
ssh all -- anywhere anywhere
http all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain http (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:5000
ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
Chain ssh (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
Chain system (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED</code></pre>
<p style="margin:1.2em 0px!important">Any idea how I can get an IP assigned to the container without having to remove all my iptable rules?</p>
</div><div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Apr 17, 2013 at 7:13 AM, Masood Mortazavi <span dir="ltr"><<a href="mailto:masoodmortazavi@gmail.com" target="_blank">masoodmortazavi@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">It is not clear at all what exactly you are trying to do? <div><br></div><div>What are you trying to connect to what, exactly? <div>
<br></div><div>Lxcbr0 bridge needs to be on some networki nterface. What interface is that?</div>
<div><br></div><div>Along with the information provided below, one would need to analyze ifconfig output along with your lxc's config file.</div><div><br></div><div>Even if you don't feel comfortable providing these on a public forum, it may be beneficial to study them closely.</div>
<div><br></div><div>Finally, it is highly likely that there is only a single network interface usable by the EC2 machine you have.</div><div><br></div><div>Since it looks like you don't have budgetted IP addresses available to you, my guess is that you have a Zen based MAC address assigned to your container. </div>
<div><br></div><div>What all this means is that if your EC2s happen to be provisioned on the same HW, by Amazon (something they will most likely do), the bridging will work across containers on co-resident EC2s, and when they are not co-resident, it won't. </div>
<div><br></div><div>Since you cannot determine or force the residency of your EC2, the only remaining choice seems for you to purchase the fixed IP services Amazon had to offer for the relevant containers.</div><div><br>
</div>
<div>The other choice -- my guess is -- to keep trying and churning until they become co-resident.(I<span></span><span> am guessing all this based on a black box architectural view.)</span></div><div><div class="h5">
<div><br><br>On Monday, April 15, 2013, Jean Mertz wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="font-family:Helvetica;font-size:13px">Ben,<div><br></div><div>Thank you for your input. However, this does not work for me.</div><div><br></div><div>$ host worker 10.0.3.1</div><div><div>Using domain server:</div>
<div>Name: 10.0.3.1</div><div>Address: 10.0.3.1#53</div><div>Aliases: </div><div><br></div><div>Host worker not found: 3(NXDOMAIN)</div></div><div><br></div><div><br></div><div>I did notice this error when starting the container non-deamonized:</div>
<div><br></div><div><div><30>udevd[136]: starting version 175</div><div>error: unexpectedly disconnected from boot status daemon</div></div></div>
<div><div><br></div><div>-- </div><div>Jean Mertz<br></div><div><br></div></div>
<p style="color:#a0a0a8">Op maandag 15 april 2013, om 23:00 heeft Ben Butler-Cole het volgende geschreven:</p>
<blockquote type="cite" style="border-left-style:solid;border-width:1px;margin-left:0px;padding-left:10px">
<span><div><div><div dir="ltr"><div><div>Hi Jean<br><br>You should be able to get the container's IP address from<br><br><div style="margin-left:40px">host worker 10.0.3.1<br></div><br></div></div>
<div>I use this on 12.04 and I believe that it should work for other versions.<br>
<br></div>-Ben<br><br></div><div><br><br><div>On 15 April 2013 20:56, Mertz, Jean <span dir="ltr"><<a>jean@mertz.fm</a>></span> wrote:<br><blockquote type="cite"><div><div dir="ltr"><div><p style="margin:1.2em 0px!important">
Hello,</p>
<p style="margin:1.2em 0px!important">I've been trying to set up an EC2 hosted network of LXC containers to use with<br>our company's Jenkins CI infrastructure. I've been successful at creating and<br>running lxc containers, but it appears that assigning IP addresses behaves<br>
radically.</p>
<p style="margin:1.2em 0px!important">I tested this on <strong>EC2 Ubuntu 12.04, 12.10 and 13.04</strong>. All three gave somewhat<br>equal results, meaning IP addresses aren't always assigned to the containers,<br>but they do work sometimes, so the setup seems correct.</p>
<p style="margin:1.2em 0px!important">Here are the steps I tried:</p>
<ul style="margin:1.2em 0px;padding-left:2em">
<li style="margin:0.5em 0px">Boot up EC2 instance</li>
<li style="margin:0.5em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline">sudo -i</code></li>
<li style="margin:0.5em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline">apt-get update</code></li>
<li style="margin:0.5em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline">apt-get upgrade</code></li>
<li style="margin:0.5em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline">apt-get install xlc</code></li>
<li style="margin:0.5em 0px">Create container, I tried several ways:<ul style="margin:1.2em 0px;padding-left:2em;margin:0px;padding-left:1em">
<li style="margin:0.5em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline">lxc-create -n worker -t ubuntu</code></li>
<li style="margin:0.5em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline">lxc-create -n worker -t ubuntu-cloud</code></li>
<li style="margin:0.5em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline">lxc-create -n worker -t ubuntu-cloud -- -C</code></li>
</ul>
</li>
<li style="margin:0.5em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline">lxc-start -n worker -d</code></li>
</ul>
<p style="margin:1.2em 0px!important">After this, I've always managed to get into the worker instance using <code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:nowrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline"></code></p>
</div></div></div></blockquote></div></div></div></div></span></blockquote></blockquote></div></div></div></div>
</blockquote></div><br></div>