[lxc-users] lxc-users Digest, Vol 28, Issue 1

Raymond Jender rayj00 at yahoo.com
Wed Jun 25 13:48:21 UTC 2014


I made a mistake in explaining my routing issue.
I have since added another container.  Each of the two containers
can ping each other.  Each of the containers can ping the host.
The host can ping either container. 


The containers can ping other machines on the 192.168.1.x network.
Here's the difference: other machines on the 192.168.1.x network cannot ping either
container. (they can ping the host)

Thanks,

Ray



On Wednesday, June 25, 2014 5:00 AM, "lxc-users-request at lists.linuxcontainers.org" <lxc-users-request at lists.linuxcontainers.org> wrote:
 



Today's Topics:

   1. Newbie (Raymond Jender)
   2. Nice Linux Container video by IBM's Boden Russell (brian mullan)
   3. Re: Newbie (Alvaro Miranda Aguilera)
   4. Re: Unprivileged container and multiple/external users
      (Andre Nathan)



Hi.  I'm brand new at playing with LXC and containers.
My host is Ubuntu 12.04.04.

So, when I created my first container, I used whatever the
defaults are.  So I created a container that has the same
OS as the host.  Great!

However I am having networking issues.  I thought I read that
LXC uses its own DHCP?  The host is 192.168.1.131.

Container is 10.0.3.177. And I am using a Wireless WiFi connection.
(I am thinking I should go back to wired?)


The Host can ping the container and the container can
ping the host.  However that's as far as the container can go.
It cannot ping any other device on the 192.168.1.x subnet?
What is weird is I did an "apt-get install nginx" in the
container and it worked? 


So that's one issue.

The other nagging issue is mounting a USB thumb drive.
It works fine on the host but in the container, it complains about
read write, or something similar.  (Sorry,  at work right now).
I thought maybe there's a "How To" for setting this up?

It seems that there isn't much good documentation around for
LXC and containers?

Thanks for your help.

Ray

At the recent OpenStack summit Boden Russell gave a good overview of Linux containers including cgroups, namespaces etc.

Although this is not LXC specific I thought it might be of interest to some of you as general info.

https://www.youtube.com/watch?v=a4oOAVhNLjU


hello,

you need to enable ip forwarding in the kernel of the host, and the containers will have access to the network.

something like this:

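# enable forwarding now (lost at reboot)
sysctl -w net.ipv4.ip_forward=1
# persist it: also matches a commented-out line or one without spaces around "="
sed -i -e 's/^#\?\s*net\.ipv4\.ip_forward\s*=.*$/net.ipv4.ip_forward = 1/' /etc/sysctl.conf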


the containers will be isolated in their own network, where the host should be able to ping/access the containers, but not from the network.

if you want to access the containers from outside the host, you can publish the ports over the host (reverse proxy, load balancer, reverse nat/iptables) or you can create a bridge in the host, move the physical interface to the bridge, and make the lxc containers use that bridge; that way the containers will be on the network.

hope this helps



On Wed, Jun 25, 2014 at 2:54 AM, Raymond Jender <rayj00 at yahoo.com> wrote:


>
>Hi.  I'm brand new at playing with LXC and containers.
>My host is Ubuntu 12.04.04.
>
>
>So, when I created my first container, I used whatever the
>defaults are.  So I created a container that has the same
>OS as the host.  Great!
>
>
>However I am having networking issues.  I thought I read that
>LXC uses its own DHCP?  The host is 192.168.1.131.
>
>Container is 10.0.3.177. And I am using a Wireless WiFi connection.
>(I am thinking I should go back to wired?)
>
>
>
>The Host can ping the container and the container can
>ping the host.  However that's as far as the container can go.
>It cannot ping any other device on the 192.168.1.x subnet?
>What is weird is I did an "apt-get install nginx" in the
>container and it worked? 
>
>
>So that's one issue.
>
>
>The other nagging issue is mounting a USB thumb drive.
>It works fine on the host but in the container, it complains about
>read write, or something similar.  (Sorry,  at work right now).
>I thought maybe there's a "How To" for setting this up?
>
>
>It seems that there isn't much good documentation around for
>LXC and containers?
>
>
>Thanks for your help.
>
>
>Ray
>
>
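
The "publish the ports over the host" option from the reply above, as an added example that is not part of the original message: it checks whether forwarding is persisted in sysctl.conf text and prints narrowly scoped DNAT/FORWARD rules for one container port. The interface name wlan0, the bridge name lxcbr0 and the port pair 8080/80 are assumptions; the container address is the one from the thread.

```shell
#!/bin/sh
# Added example. Assumed names: wlan0 (LAN interface), lxcbr0 (container bridge).

# Succeeds if the sysctl.conf text on stdin leaves IPv4 forwarding enabled.
# Commented lines are skipped and the last active assignment wins.
forwarding_persisted() {
    awk -F= '
        /^[[:space:]]*[#;]/ { next }
        { key = $1; gsub(/[[:space:]]/, "", key) }
        key == "net.ipv4.ip_forward" { state = $2; gsub(/[[:space:]]/, "", state) }
        END { exit !(state == "1") }'
}

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Print (not run) the rules that publish one TCP port of one container.
# usage: publish_rules LAN_IF HOST_PORT CONTAINER_IP CONTAINER_PORT
publish_rules() {
    lan_if=$1 hport=$2 cip=$3 cport=$4
    # Reject anything that is not a plain interface name, port or address,
    # so the printed lines are safe to review and paste into a root shell.
    case "$lan_if" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    valid_port "$hport" && valid_port "$cport" && valid_ipv4 "$cip" || return 1
    # Rewrite traffic arriving on the host port to the container.
    printf 'iptables -t nat -A PREROUTING -i %s -p tcp --dport %s -j DNAT --to-destination %s:%s\n' \
        "$lan_if" "$hport" "$cip" "$cport"
    # With a FORWARD policy of DROP, only this flow and its replies pass.
    printf 'iptables -A FORWARD -i %s -o lxcbr0 -p tcp -d %s --dport %s -m conntrack --ctstate NEW -j ACCEPT\n' \
        "$lan_if" "$cip" "$cport"
    printf 'iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n'
}

# Constructed sample: a commented-out setting does not persist forwarding.
printf '#net.ipv4.ip_forward=1\n' | forwarding_persisted ||
    echo "sample sysctl.conf: forwarding is not persisted"
# Host port 8080 to nginx on the container address from the thread.
publish_rules wlan0 8080 10.0.3.177 80
```

Enabling ip_forward makes the host a router for every interface, so the FORWARD rules only restrict anything when the chain's policy is DROP; with the default ACCEPT policy they are redundant but harmless.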
Serge,

On 06/04/2014 05:54 PM, Serge Hallyn wrote:
> Quoting Andre Nathan (andre at digirati.com.br):
>> Is there any way around that? Maybe some mount option to map the mount
>> point's UID and GID to something different inside the container?
>
> Not yet.  We were discussing just that yesterday (on lkml I believe),
> but it doesn't yet exist.

Was the discussion "friendly" towards supporting UID shifts for bind mounts?

> For now you must have a separate filesystem
> for each unprivileged container (or at least one per uid map).

Does a btrfs subvolume count as a filesystem here?

With multiple root-owned unprivileged containers, do I still need one 
filesystem for each container or would one be enough given they're all 
owned by the same user?

Thanks,
Andre


