[lxc-devel] NFS mounts inside a container uses/requires the host IPstack

Jäkel, Guido G.Jaekel at dnb.de
Wed Mar 16 08:55:23 UTC 2011


Dear Tim,

I guess you ran into a problem with the default routes -- if you don't apply special things, there's only one default route! I struggled with the same at the start, I think. But I solved it. And I don't need an IP assigned to the bridges.

Please check first whether CONFIG_IP_ADVANCED_ROUTER is enabled in your kernel.

This gives the possibility to define rule-based routing, but you have to use the ip command (of iproute2) to set it up. You may google for such things. But I found that on recent kernels (I'm using .37, too), I don't need to define such rules myself. Instead, the kernel "does the right thing(tm)" out of the box.


That's my situation: I'm going to build up a completely real-diskless environment, a bladecenter with an external filer. Each blade is acting as a host for containers. And each container should be runnable on any host.

* eth0 is reserved for the host blades to PXE boot and NFS-root from it. It's attached to VLAN 163, which is "enrolled" by the switch, i.e. it behaves like an ordinary network interface. This will make the bootstrapping much easier.

* eth1 is used to supply the LXC. It's attached to 3 unenrolled VLANs 160-102.
* For each, a VLAN device named vlan16{0-2} is attached to eth1
* For each, a bridge named br160{0-2} is started with the corresponding vlan16{0-2} if assigned.
* In a container, a veth0 is linked to the desired bridge. It is set up (by DHCP) to use an IP on this VLAN and the default route for this VLAN. It also uses a virtual root filesystem. It is provided via LXC by the host, but as for the host, it points directly to a rootdir on the NFS.

Traffic is routed in a correct manner. If I access a subnet outside the container's VLAN subnet, the switch will route it. And the communication partner sees the IP of the container.


I'm using Gentoo Linux. If you need more details, please ask.

Greetings

Guido

-- 
Dr. Guido Jäkel
Deutsche Nationalbibliothek
IT SG 2.2 (Infrastruktur Unix)
Adickesallee 1
60322 Frankfurt am Main
Tel. +49-69-1525-1750
Fax  +49-69-1525-1799
mailto:g.jaekel at dnb.de
http://www.dnb.de
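
The layout described in the message above, as an added example that is not part of the original post: a dry-run planner that prints the host-side iproute2 commands (VLAN device plus address-less bridge per VLAN) and the container's network stanza. Assumptions: VLAN ids 160, 161 and 162 are read off the vlan16{0-2} device names, bridges are named br<id>, and the syntax is that of current iproute2 (`type bridge`) and current LXC (`lxc.net.0.*`, spelled `lxc.network.*` in older releases).

```shell
#!/bin/sh
# Added example (dry run): prints commands and config, executes nothing.
# Assumed names: bridges are called br<id>; VLAN ids are passed as arguments.

plan_vlan_bridges() {
    trunk=$1; shift
    # Validate every id first so a bad argument never yields a partial plan.
    for vid in "$@"; do
        case $vid in
            ''|*[!0-9]*|?????*) echo "invalid VLAN id: $vid" >&2; return 1 ;;
        esac
        if [ "$vid" -lt 1 ] || [ "$vid" -gt 4094 ]; then
            echo "VLAN id out of range: $vid" >&2; return 1
        fi
    done
    # The parent must be up before its VLAN sub-interfaces can come up.
    echo "ip link set dev $trunk up"
    for vid in "$@"; do
        echo "ip link add link $trunk name vlan$vid type vlan id $vid"
        echo "ip link add name br$vid type bridge"
        echo "ip link set dev vlan$vid master br$vid"
        echo "ip link set dev vlan$vid up"
        echo "ip link set dev br$vid up"
        # Deliberately no 'ip addr add': the bridge stays a layer-2 device
        # and no host address is configured on the container VLANs.
    done
}

container_net_config() {
    # $1 = host bridge the container's veth pair is plugged into.
    # The interface appears as veth0 inside the container and is then
    # configured by DHCP on that VLAN, as in the message.
    printf '%s\n' \
        "lxc.net.0.type = veth" \
        "lxc.net.0.link = $1" \
        "lxc.net.0.name = veth0" \
        "lxc.net.0.flags = up"
}

# Sample run with the interface and VLAN names used in the message.
plan_vlan_bridges eth1 160 161 162
container_net_config br160
```

Review the printed plan before piping it to `sh` as root.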
  

