<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<blockquote>
<div>Here is my production configuration. It should work with
Redhat:<br>
<br>
<div style="margin-left:40px">lxc.network.type = macvlan<br>
lxc.network.macvlan.mode = bridge<br>
lxc.network.flags = up<br>
lxc.network.link = eth0 <br>
lxc.network.ipv4 = <a href="http://192.168.7.70/16">192.168.7.70/16</a><br>
lxc.network.ipv4.gateway = 192.168.7.1<br>
# ...# mounts point<br>
<br>
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0<br>
lxc.mount.entry = sysfs sys sysfs defaults 0 0<br>
<br>
</div>
<div style="margin-left:40px"># /lib/modules is needed for
iptables/ufw<br>
</div>
<div style="margin-left:40px">lxc.mount.entry = /lib/modules
/var/lib/lxc/lemon/rootfs/lib/modules none ro,bind 0 0<br>
</div>
<div style="margin-left:40px"># Nice to mount host home
directories<br>
</div>
<div style="margin-left:40px">lxc.mount.entry = /home
/var/lib/lxc/lemon/rootfs/home none rw,rbind 0 0<br>
<br>
# network interface name is limited to 16 chars<br>
lxc.hook.pre-start = /bin/sh -c "exec mount -n -o remount,rw
/var/lib/lxc/lemon/rootfs" <br>
lxc.hook.pre-start = /bin/sh -c "ip link add link eth0 name
lemon type macvlan mode bridge && ip link set lemon
up"<br>
lxc.hook.pre-start = /bin/sh -c "ip route add 192.168.7.70 dev
lemon || true"<br>
<br>
lxc.hook.post-stop = /bin/sh -c "ip route del 192.168.7.70 ||
true"<br>
lxc.hook.post-stop = /bin/sh -c "ip link set lemon down
&& ip link del lemon"<br>
lxc.hook.post-stop = /bin/sh -c "exec mount -n -o remount,rw
/var/lib/lxc/lemon/rootfs"<br>
</div>
<br>
</div>
<font face="arial,helvetica,sans-serif">Couple of notes:<br>
</font>
<ol>
<li><font face="arial,helvetica,sans-serif">This a Debian lxc </font>0.9.0-aplha3
system. Works fine with lxc-stop|lxc-start. It's been in
production ~ year.<br>
</li>
<li>Hostname: lemon, change hostname throughout.<br>
</li>
<li>Disable br0 bridge. Reboot. Try the above setup and get it
running. macvlan and older bridging may be incompatible in
linux.<br>
</li>
<li>Change your lxc.network.link to eth0, do not use br0.</li>
<li>Don't enable ip_forward. I don't have it enabled.</li>
<li>Don't set the mac address. Remove lxc.network.hwaddr</li>
<li>Note: macvlan takes 10-30 seconds of pinging from a
different host after lxc-start. This is normal.</li>
</ol>
</blockquote>
<div class="moz-cite-prefix">On 9/25/14 9:52 AM, Chris Kloiber
wrote:<br>
</div>
<blockquote
cite="mid:CAAB+3tOXqvUE8O286mY8FZBXSA76wrN4KgrLwdUvc6vi8aKRyg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>Would anyone know what is required (both on the host and
within a container) using Red Hat based distributions such as
Oracle Linux 6.5 or 7.0 as both the Host and the container to
have each container have its own static, Public IP (no
iptables NAT nonsense) and be reachable from anywhere? I can't
seem to find a documented example that works for me anywhere
on my own or with the help of Google...</div>
<div><br>
</div>
<div>Thanks in advance.</div>
<div><br>
</div>
<br clear="all">
<div>Chris Kloiber</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
lxc-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.linuxcontainers.org</a>
<a class="moz-txt-link-freetext" href="http://lists.linuxcontainers.org/listinfo/lxc-users">http://lists.linuxcontainers.org/listinfo/lxc-users</a></pre>
</blockquote>
<br>
</body>
</html>