[lxc-devel] Is this a valid LXD 2.7-0ubuntu2 config

Stéphane Graber stgraber at ubuntu.com
Wed Jan 18 17:00:01 UTC 2017 

On Wed, Jan 18, 2017 at 12:39:48PM +0100, Louis Bouchard wrote:
> Hello,
> 
> Given a NIC with a tagged vlan (Id 100) named enp0s25.100. This vlan has a DHCP
> server on the router.
> 
> After installing LXD from scratch, and configuring it without any bridge I do
> the following :
> 
> $ lxc profile device add default eth0 nic nictype=macvlan parent=enp0s25.100
> $ lxc launch ubuntu-daily:z test
> 
> The container starts correctly and gets a valid IP addres on the subnet of the
> vlan :
> 
> 
> -- # lxc list
> +------+---------+------------------------+------+------------+-----------+
> | NAME |  STATE  |          IPV4          | IPV6 |    TYPE    | SNAPSHOTS |
> +------+---------+------------------------+------+------------+-----------+
> | test | RUNNING | 192.168.100.130 (eth0) |      | PERSISTENT | 0         |
> +------+---------+------------------------+------+------------+-----------+
> 
> 
> If this is a valid configuration, then there is a bug in the way that Juju
> detects the network configuration as :
> 
> # juju bootstrap lxd lxd
> ERROR creating LXD client: juju doesn't support ipv6. Please disable LXD's IPV6:
> 
>         $ lxc network set enp0s25.100 ipv6.address none
> 
> and rebootstrap
> 
> 
> Looks like juju/tools/lxdclient/network_client.go:checkBridgeConfig is not
> getting the proper information in return when the network being used is not a
> bridge.
> 
> Any thought ?

That is indeed a valid config and Juju's network config detection is
rather naive and error prone when you're not using the most basic
network config.

Do note however that when using macvlan for your containers, the host
will not be able to talk to them over the network that you attached to
them. So if your host is also using enp0s25.100 to get to the network,
this may be a problem and will likely prevent Juju from communicating
with the containers.

If host and containers are using separate vlans, then that won't be a
problem as the host will talk to the containers through its gateway,
getting around that macvlan limitation.

> 
> Kind regards,
> 
> ...Louis

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20170118/c00b2359/attachment.sig>

More information about the lxc-devel mailing list