[lxc-users] LXD static IP in container

Mike Wright nobody at nospam.hostisimo.com
Tue Feb 11 19:00:34 UTC 2020 

On 2/11/20 10:01 AM, Michael Eager wrote:
> On 2/8/20 1:32 PM, Mike Wright wrote:
>> On 2/6/20 8:29 AM, Michael Eager wrote:
>>> Thanks.  I had tried this, but it didn't appear to work.  I just tried
>>> it again and got it to work.
>>>
>>> I assume that I can move the eth0 definition back to the profile,
>>> without the ipv4.address specification.
>> https://lxd.readthedocs.io/en/latest/instances/#type-nic
>>
>> Do searches on dhcp and static.
>>
>> When dealing with device type=nic address assignment depends on nic type:
>>
>> if nic type=bridged ipv4.address is assigned via DHCP
>> if nic type=routed  ipv4.address is assigned as static
>>
>> Maybe that will clear up some of the confusion.
> 
> I'm trying to configure LXD containers, not LXC.  LXC containers are
> working correctly.

The provided link to the docs was LXD.readthedocs.io

> There's still a lot of confusion.  :-/

Yes, here too.  I'm experimenting with the nic types but a lot of the 
problems I'm running into have to do with me misunderstanding the LXD 
command syntax.  The docs are rather sparse and seem to be geared toward 
people who already understand this stuff, ie the Cliff Notes vs The Book.

> If nictype=bridged is set in the profile, then a container gets two IP
> addresses.  One from DHCP when the container is launched, the second is
> a static IP when the container configures the NIC.

The DHCP address is created by lxd based on the profile.  The static 
address is being created by the container itself, so you have two 
separate events taking place.  Use the profile OR the container 
networking scripts, not both (unless you know exactly what you are 
trying to accomplish).

> If nictype=routed, only the static IP is set.  eth0 is present in the
> container, but there is no network connectivity.

My speculation is that something needs needs to set the route.  The 
simplest route would be between the host and container and could allow 
disparate networks to connect, e.g. 10.X to 192.Y.  Whether that is on 
the host, container, or both I've yet to figure out.

> If nictype=macvlan, "lxc list" shows that the container has an IP
> address from DHCP, but "nmcli connection show" does not display eth0
> under DEVICE.  "ip addr" does show eth0, but "ifup eth0" says no device
> exists.  (I'm really confused about this; dmesg shows "eth0 renamed from
> mac...")

This one makes sense to me.  The container's utilities (nmcli & ilk) get 
their knowledge of the network from config files.  "ip" gets its 
information from inspection and/or specification.  Neither know about 
the other

> If nictype=ipvlan, an IP address is obtained using DHCP, but no eth0
> device appears in the container (i.e., nmcli shows no device, ifup
> fails.)  There is network connectivity.

See the comment about macvlan.  The way I see this is macvlan is L2 and 
ipvlan is L3.  Use whichever matches how you deal with network life, IPs 
or MACs.

> [There's some deja vu here.  I had a similar problem using LXC about a
> year ago, where the container was getting both DHCP and static IP.  I
> don't recall how I fixed that problem.  I don't see anything in
> lxc.conf or in the container configuration.]

Yeah, that's the old defined differently in two different places thing 
again.  :/

Go to the link to the docs and look for "bridged, macvlan or ipvlan for 
connection to physical network".  That sections explains the differences.

--------

Now, for those who know more than I (almost everybody?) PLEASE feel free 
to contribute to this thread and share some knowledge and PLEASE correct 
any errors.

Mike Wright

More information about the lxc-users mailing list