[lxc-users] LXC containers w/ static IPs work on some hosts, not on others
Saint Michael
venefax at gmail.com
Thu Oct 20 18:39:57 UTC 2016
macvlan does not require router support. I use it everyday.
On Thu, Oct 20, 2016 at 2:32 PM, Marat Khalili <mkh at rqc.ru> wrote:
> Hello,
>
> I use lxc (not lxd!) with static IP addresses. Here's my config (Ubuntu
> 16.04):
>
> /etc/network/interfaces:
>
> auto br1
> iface br1 inet static
> bridge_ports eno1
> bridge_fd 0
> address 10... # host ip configuration follows
>
> /etc/lxc/default.conf:
>
> lxc.network.type = veth
> lxc.network.link = br1
> lxc.network.flags = up
> lxc.network.hwaddr = 00:16:3e:xx:xx:xx
>
> /var/lib/lxc/test/rootfs/etc/network/interfaces:
>
> auto eth0
> iface eth0 inet static
> address 10... #container ip configuration follows
>
> You seem to use macvlan. It is explicitly designed to prevent containers
> from talking to each other (they can only talk via external router), and it
> complicates things, e.g. requires router support (which might be a problem
> in your case). Unless you specifically need this feature you may have
> better results (and performance) with bridge like above.
>
> Unfortunately, many places on the web teach people to configure macvlan
> with containers without really explaining why.
>
> --
>
> With Best Regards,
> Marat Khalili
>
>
> On 20/10/16 20:33, Michael Peek wrote:
>
> Hi gurus,
>
> I'm scratching my head again. I'm using the following commands to create
> an LXC container with a static IP address:
>
> # lxc-create -n my-container-1 -t download -- -d ubuntu -r xenial -a amd64
>
> # vi /var/lib/lxc/my-container-1/config
>
> Change:
> # Network configuration
> # lxc.network.type = veth
> # lxc.network.link = lxcbr0
> # lxc.network.flags = up
> # lxc.network.hwaddr = 00:16:3e:0d:ec:13
> lxc.network.type = macvlan
> lxc.network.link = eno1
>
> # vi /var/lib/lxc/my-container-1/rootfs/etc/network/interfaces
>
> Change:
> #iface eth0 inet dhcp
> iface eth0 inet static
> address xxx.xxx.xxx.4
> netmask 255.255.255.0
> network xxx.xxx.xxx.0
> broadcast xxx.xxx.xxx.255
> gateway xxx.xxx.xxx.1
> dns-nameservers xxx.xxx.0.66 xxx.xxx.128.66 8.8.8.8
> dns-search my.domain
>
> # lxc-start -n my-container-1 -d
>
>
> It failed to work. I reviewed my notes from past posts to the list but
> found no discrepancies. So I deleted the container and tried it on another
> host -- and it worked. Next I deleted that container and went back to the
> first host, and it failed. Lastly, I tried the above steps on multiple
> hosts and found that it works fine on some hosts, but not on others, and I
> have no idea why. On hosts where this fails there are no error messages,
> but the container can't access the network, and nothing on the network can
> access the container.
>
> Is there some step that I'm missing?
>
> Thanks for any help,
>
> Michael Peek
>
>
> _______________________________________________
> lxc-users mailing listlxc-users at lists.linuxcontainers.orghttp://lists.linuxcontainers.org/listinfo/lxc-users
>
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20161020/2fc8ad46/attachment.html>
More information about the lxc-users
mailing list