[lxc-users] lxc 2.0 adding a nic to a container on another vlan (was: access to snapshots from within the containers)

Michel Jansens michel.jansens at ulb.ac.be
Fri Jun 16 13:45:08 UTC 2017 

Thanks a lot Fajar,

I did :
 lxc config device add welcome-lemur eth1 nic nictype=bridged parent=brvlan3904 name=eth1
And ‘brctl show' shows the interface ‘veth41aa07e1’ was added to the brvlan3904 bridge.

What I don’t get is where to find the documentation for this. I thought I had to look to in “man lxc.container.conf” but I don’t find any reference to network type ‘bridge' (found macvlan, veth,…) …

But it works.

Thanks

Michel

> On 16 Jun 2017, at 13:14, Fajar A. Nugraha <list at fajar.net> wrote:
> 
> On Fri, Jun 16, 2017 at 5:01 PM, Michel Jansens <michel.jansens at ulb.ac.be <mailto:michel.jansens at ulb.ac.be>> wrote:
> Thanks a lot Stéphane for this information,
> 
> I succeeded in attaching a bridge device from a specific vlan following your advise from https://github.com/lxc/lxd/issues/2551 <https://github.com/lxc/lxd/issues/2551>
> command I used is: lxc config device add welcome-lemur eth1 nic nictype=macvlan parent=brvlan3904 name=eth1
> 
> In /etc/network/interfaces I added:
> 
> #vlan 3904 interface on enp1s0f0
> auto vlan3904
> iface vlan3904 inet manual
>         vlan_raw_device enp1s0f0
> #add a bridge for vlan3904
> auto brvlan3904
> iface  brvlan3904 inet  manual
>        bridge_ports vlan3904
> 
> 
> I managed to add the brvlan3904 to multiple containers, but this doesn’t create an interface for each container in the brvlan3904 bridge,
> 
> 
> That's what macvlan does. It works for some usecase (and can be easier, since you DON'T need to create a bridge), but can cause some problems (e.g. host can't connect to container's macvlan interface).
> 
> 
>  
> and I don’t know what the security consequences are… 
> Is This OK like this?
> 
> 
> Alternatively, to mimic how lxc br0 bridge looks (one interface for each container with vethXXXXXX like names), I tried to add more ports to the bridge,with dummy interfaces: 
> 
> ip link add welcomelemur type dummy
> brctl addif brvlan3904 welcomelemur
> ifconfig welcomelemur up
> lxc config device add welcome-lemur eth1 nic nictype=macvlan parent=brvlan3904 name=eth1
> 
> But this gave me: error: Failed to create the new macvlan interface: exit status 2
> I tried using nictype=veth instead of mtacvlan but got 'error: Bad nic type: veth’ 
> 
> How should I do this properly?
> 
> 
> 
> Did you want "nictype=bridged"?
> 
> https://github.com/lxc/lxd/blob/master/doc/containers.md#type-nic <https://github.com/lxc/lxd/blob/master/doc/containers.md#type-nic>
> 
> -- 
> Fajar
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20170616/3eed77c4/attachment.html>

More information about the lxc-users mailing list