[lxc-users] LXC containers w/ static IP, inconsistent behavior
Michael Peek
peek at nimbios.org
Fri Oct 21 12:46:38 UTC 2016
I'd still like to know *why* this works on one host but not the other.
Anyone have a clue?
===============================================================================
THIS WORKS ON HOST #1:
===============================================================================
Script started on Thu 20 Oct 2016 04:31:16 PM EDT
root at working-host:~# lxc-create -n my-container-1 -t download -- -d
ubuntu -r xenial -a amd64
Using image from local cache
Unpacking the rootfs
---
You just created an Ubuntu container (release=xenial, arch=amd64,
variant=default)
To enable sshd, run: apt-get install openssh-server
For security reason, container images ship without user accounts
and without a root password.
Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts.
root at working-host:~# cp /var/lib/lxc/my-container-1/config
/var/lib/lxc/my-container-1/config.orig
root at working-host:~# gvim /var/lib/lxc/my-container-1/config
root at working-host:~# diff /var/lib/lxc/my-container-1/config.orig
/var/lib/lxc/my-container-1/config
20,23c20,25
< lxc.network.type = veth
< lxc.network.link = lxcbr0
< lxc.network.flags = up
< lxc.network.hwaddr = 00:16:3e:3d:58:3b
---
> # lxc.network.type = veth
> # lxc.network.link = lxcbr0
> # lxc.network.flags = up
> # lxc.network.hwaddr = 00:16:3e:3d:58:3b
> lxc.network.type = macvlan
> lxc.network.link = enp6s0
root at working-host:~# cp
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces.orig
root at working-host:~# gvim
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces
root at working-host:~# diff
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces.orig
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces
9c9,17
< iface eth0 inet dhcp
---
> #iface eth0 inet dhcp
> iface eth0 inet static
> address xxx.xxx.130.4
> netmask 255.255.255.0
> network xxx.xxx.130.0
> broadcast xxx.xxx.130.255
> gateway xxx.xxx.130.1
> dns-nameservers xxx.xxx.0.66 xxx.xxx.128.66 8.8.8.8
> dns-search mydomain.org
root at working-host:~# lxc-start -n my-container-1 -d
root at working-host:~# #
root at working-host:~# # HERE'S THE OUTPUT FROM ANOTHER HOST:
root at working-host:~# #
root at working-host:~# # $ ping xxx.xxx.130.4
root at working-host:~# # PING xxx.xxx.130.4 (xxx.xxx.130.4) 56(84) bytes
of data.
root at working-host:~# # 64 bytes from xxx.xxx.130.4: icmp_seq=1 ttl=64
time=0.347 ms
root at working-host:~# # 64 bytes from xxx.xxx.130.4: icmp_seq=2 ttl=64
time=0.338 ms
root at working-host:~# # 64 bytes from xxx.xxx.130.4: icmp_seq=3 ttl=64
time=0.360 ms
root at working-host:~# # 64 bytes from xxx.xxx.130.4: icmp_seq=4 ttl=64
time=0.344 ms
root at working-host:~# # 64 bytes from xxx.xxx.130.4: icmp_seq=5 ttl=64
time=0.332 ms
root at working-host:~# # 64 bytes from xxx.xxx.130.4: icmp_seq=6 ttl=64
time=0.292 ms
root at working-host:~# # ^C
root at working-host:~# # --- xxx.xxx.130.4 ping statistics ---
root at working-host:~# # 6 packets transmitted, 6 received, 0% packet
loss, time 5004ms
root at working-host:~# # rtt min/avg/max/mdev = 0.292/0.335/0.360/0.028 ms
root at working-host:~# #
root at working-host:~# lxc-stop -n my-container-1
root at working-host:~# lxc-destroy -n my-container-1
Destroyed container my-container-1
root at working-host:~# exit
Script done on Thu 20 Oct 2016 04:38:40 PM EDT
===============================================================================
THIS DOESN'T WORK ON HOST #2:
===============================================================================
Script started on Fri 21 Oct 2016 08:17:28 AM EDT
root at nonworking-host:~# lxc-create -n my-container-1 -t download -- -d
ubuntu -r xenial -a amd64
Using image from local cache
Unpacking the rootfs
---
You just created an Ubuntu container (release=xenial, arch=amd64,
variant=default)
To enable sshd, run: apt-get install openssh-server
For security reason, container images ship without user accounts
and without a root password.
Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts.
root at nonworking-host:~# cp /var/lib/lxc/my-container-1/config
/var/lib/lxc/my-container-1/config.orig
root at nonworking-host:~# gvim /var/lib/lxc/my-container-1/config
root at nonworking-host:~# diff /var/lib/lxc/my-container-1/config.orig
/var/lib/lxc/my-container-1/config
20,23c20,25
< lxc.network.type = veth
< lxc.network.link = lxcbr0
< lxc.network.flags = up
< lxc.network.hwaddr = 00:16:3e:36:cd:10
---
> # lxc.network.type = veth
> # lxc.network.link = lxcbr0
> # lxc.network.flags = up
> # lxc.network.hwaddr = 00:16:3e:36:cd:10
> lxc.network.type = macvlan
> lxc.network.link = eno1
root at nonworking-host:~# cp
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces.orig
root at nonworking-host:~# gvim
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces
root at nonworking-host:~# diff
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces.orig
/var/lib/lxc/my-container-1/rootfs/etc/network/interfaces
9c9,17
< iface eth0 inet dhcp
---
> #iface eth0 inet dhcp
> iface eth0 inet static
> address xxx.xxx.130.4
> netmask 255.255.255.0
> network xxx.xxx.130.0
> broadcast xxx.xxx.130.255
> gateway xxx.xxx.130.1
> dns-nameservers xxx.xxx.0.66 xxx.xxx.128.66 8.8.8.8
> dns-search mydomain.org
root at nonworking-host:~# lxc-start -n my-container-1 -d
root at nonworking-host:~# #
root at nonworking-host:~# # HERE'S THE OUTPUT FROM ANOTHER HOST:
root at nonworking-host:~# #
root at nonworking-host:~# # $ ping xxx.xxx.130.4
root at nonworking-host:~# # PING xxx.xxx.130.4 (xxx.xxx.130.4) 56(84)
bytes of data.
root at nonworking-host:~# # ^C
root at nonworking-host:~# # --- xxx.xxx.130.4 ping statistics ---
root at nonworking-host:~# # 8 packets transmitted, 0 received, 100% packet
loss, time 7046ms
root at nonworking-host:~# lxc-stop -n my-container-1
root at nonworking-host:~# lxc-destroy -n my-container-1
Destroyed container my-container-1
root at nonworking-host:~# exit
Script done on Fri 21 Oct 2016 08:21:57 AM EDT
Michael
More information about the lxc-users
mailing list