[Lxc-users] Making LXC accept an already open network interface—or other options
Serge Hallyn
serge.hallyn at canonical.com
Tue May 10 14:36:34 UTC 2011
Quoting David Serrano (dserrano5 at gmail.com):
> On Mon, May 9, 2011 at 14:52, Serge Hallyn <serge.hallyn at canonical.com> wrote:
> >
>
> Thanks for your response. Before scripting it, let's try manually first:
>
>
> > devs=`ls /sys/class/net/veth*`
> > ip link add type veth
> > newdevs=`ls /sys/class/net/veth*`
> > # Get the intersection of $devs and $newdevs
>
> I assume you mean "difference" instead of "intersection", since the
Hah, yeah.
> first execution of ls gives an emtpy output, and the purpose of this
> is obtaining the new devices, right?
>
> host# ls /sys/class/net/
> eth0 eth1 lo br0
> host# ip link add type veth
> host# ls /sys/class/net/
> eth0 eth1 lo br0 veth0 veth1
> host# _
>
>
> > # Attach $dev1 to your bridge
>
> Assuming $dev1 is the first of the new devices:
>
> host# brctl addif br0 veth0
> host# _
>
>
> > lxc-start -n mycontainer
> > # mycontainer has no network
>
> After this, the container sees the same interfaces as the host and it
Oh, no. So it thought you didn't want your own network namespace.
I don't know if there is a way to tell it to give you a new netns,
without new devices. Of course you can trivially patch it to do
that, but for now since we're testing it shouldn't hurt to just
1. tell it to give you a normal network interface
lxc.network.type=veth
lxc.network.link=br0
lxc.network.flags=down
2. bring up the container
3. bring down the normal interface
4. Continue here with passing veth1 into the container.
More information about the lxc-users
mailing list