[lxc-users] {Disarmed} Re: How to release IP for inactive containers?
Michael H. Warfield
mhw at WittsEnd.com
Sat Apr 11 01:14:50 UTC 2015
On Fri, 2015-04-10 at 17:47 -0700, Dan Shi wrote:
> One dumb question, how can I setup lxc-net to support a subnet larger
> than 253? I tried following:
> LXC_NETWORK="MailScanner warning: numerical links are often malicious:
> 10.0.3.0/16"
> LXC_DHCP_RANGE="10.0.3.2,10.0.254.254,1h"
> LXC_DHCP_MAX="61500"
10.0.3.0/16 is an invalid subnet. For a /16, the last two octets must
be zero. So....
10.0.0.0/16 is valid for 10.0.0.0 -> 10.0.255.255
10.3.0.0/16 is valid for 10.3.0.0 -> 10.3.255.255
10.0.3.0/16 is not valid.
> New container can't get IP with such settings.
Try a valid subnet.
>
> Thanks,
>
> Dan
Regards,
Mike
>
>
>
> On Fri, Apr 10, 2015 at 3:34 PM, Dan Shi <bruingo at gmail.com> wrote:
> Hi Fajar,
>
>
> Thanks for the reply! I tried to stop container gracefully
> (lxc-stop), but the IP is not released, I can still find it
> in /var/lib/misc/dnsmasq.lxcbr0.leases.
>
>
> However, the IP assignment does get cleaned up after a while
> (once a day?) it seems to be controlled by lease time, maybe
> default to 24 hours. I will look into that.
>
>
> Thanks,
>
> Dan
>
>
>
> On Thu, Apr 9, 2015 at 3:39 PM, Fajar A. Nugraha
> <list at fajar.net> wrote:
> On Fri, Apr 10, 2015 at 5:29 AM, Dan Shi
> <bruingo at gmail.com> wrote:
> > I ran into a problem that only 253 containers get
> network connection. New
> > containers after that can't getIP from lxc bridge,
> even if I stop/destroy
> > existing running containers. The problem,
> apparently, is that the default in
> > /etc/default/lxc-net, has LXC_DHCP_MAX set to 253.
> >
> > I suppose I can increase that number to have a large
> enough subnet. However,
> > I'm wondering if there is a more elegant solution.
> For example, I can
> > periodically call a script, or call it before
> destroying a container, to
> > release IP for dead containers?
>
>
> The elegant solution should be letting the container
> shutdown
> gracefully (IIRC the default with lxc-stop since some
> time), which
> should release its DHCP lease.
>
> You could also look
> at /var/lib/misc/dnsmasq.lxcbr0.leases , but IMHO
> it's not worth the effort. Simply
> adjust /etc/default/lxc-net
> according to your needs (including changing its
> address and netmask if
> you plan to use more than 253 max dhcp clients) and
> shutdown your
> containers cleanly whenever possible.
>
> See also dnsmasq man page
> (http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html).
>
> --
> Fajar
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
>
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
--
Michael H. Warfield (AI4NB) | (770) 978-7061 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 465 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150410/50b9b977/attachment.sig>
More information about the lxc-users
mailing list