@maxivak
Last active November 21, 2022 21:16
Multiple networks in LXC container

Network for LXC container

Host device as bridge

  • persisted in the host's /etc/network/interfaces

  • the container's veth virtual Ethernet interface can share the network link on the physical interface of the host (eth0), so the container resides on the same Ethernet segment and talks to the same DHCP server as the host does.

Additional bridge device

  • set up manually with brctl

  • the container's veth virtual Ethernet interface accesses the network via the bridge device created on the host. By default, the container is not visible from outside the host.

  • Read more: https://wiki.debian.org/LXC/SimpleBridge

Bridge lxcbr1

Create second bridge lxcbr1 on the host machine

sudo brctl addbr lxcbr1

check:

sudo brctl show

you should see:

bridge name	bridge id		STP enabled	interfaces
lxcbr0		8000.fef4b53469cc	no		veth1F9DD9
lxcbr1		8000.000000000000	no		

  • add entries for your user to /etc/lxc/lxc-usernet

# --------------------
# USERNAME TYPE BRIDGE COUNT
ulxc veth lxcbr0 2
ulxc veth lxcbr1 2

Here ulxc is the user we use for running LXC containers. Create your own user.

Create LXC container

We will create an unprivileged LXC container.

See this post for how to do it: https://gist.github.com/maxivak/86a4358c8687cbf0af47563470b64ee6

LXC container config

  • $HOME/.config/lxc/default.conf

lxc.network.type = veth
lxc.network.link = lxcbr0
lxc.network.name = eth0
lxc.network.flags = up

lxc.network.type = veth
lxc.network.link = lxcbr1
lxc.network.name = eth1
lxc.network.flags = up


# change the id_map ranges to your values
lxc.id_map = u 0 296608 65536
lxc.id_map = g 0 296608 65536
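
Every bridge named in an lxc.network.link line has to be granted to the user in /etc/lxc/lxc-usernet, with a count that covers the interfaces the config asks for. The Python check below is an added example, not part of the original gist: the function names are hypothetical, the sample input is constructed, and it matches only per-user entries (not @group entries).

```python
# Added example: compare a container config with /etc/lxc/lxc-usernet quotas.
from collections import Counter

def parse_usernet(text):
    """Return {(user, nic_type, bridge): count} from lxc-usernet content."""
    quotas = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) == 4 and fields[3].isdigit():
            user, nic_type, bridge, count = fields
            quotas[(user, nic_type, bridge)] = int(count)
    return quotas

def parse_nics(config_text):
    """Return one dict per NIC; each lxc.network.type line starts a new NIC."""
    nics = []
    for line in config_text.splitlines():
        line = line.strip()
        if not line.startswith("lxc.network.") or "=" not in line:
            continue                             # skips comments and other keys
        key, value = (part.strip() for part in line.split("=", 1))
        field = key[len("lxc.network."):]
        if field == "type":
            nics.append({})
        if nics:
            nics[-1][field] = value
    return nics

def check(user, usernet_text, config_text):
    """List the bridges the config uses beyond what `user` is allowed."""
    quotas = parse_usernet(usernet_text)
    wanted = Counter((n.get("type", ""), n.get("link", ""))
                     for n in parse_nics(config_text))
    problems = []
    for (nic_type, bridge), needed in sorted(wanted.items()):
        allowed = quotas.get((user, nic_type, bridge), 0)
        if needed > allowed:
            problems.append(f"{bridge}: needs {needed} {nic_type}, allowed {allowed}")
    return problems

# Constructed sample input: the lxcbr1 entry is missing from the usernet file.
USERNET = "# USERNAME TYPE BRIDGE COUNT\nulxc veth lxcbr0 2\n"
CONFIG = """
lxc.network.type = veth
lxc.network.link = lxcbr0
lxc.network.type = veth
lxc.network.link = lxcbr1
"""

if __name__ == "__main__":
    print(check("ulxc", USERNET, CONFIG))
```

The count in lxc-usernet is a quota for the user as a whole, so a config that passes this check can still fail to start if the user's other containers already hold the allowed interfaces on that bridge.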




Static (persistent) IP address for LXC container

Container config

  • create the container config file /var/lib/lxc/__containername__/config

...

## Network
lxc.utsname = containershostname

lxc.network.type = veth
lxc.network.link = lxcbr0
lxc.network.name = eth0
lxc.network.flags = up


lxc.network.type = veth
lxc.network.link = lxcbr1
lxc.network.name = eth1
# set an IP address from your network
lxc.network.ipv4 = 192.168.1.110/24
lxc.network.ipv4.gateway = 192.168.1.1

lxc.network.flags = up


# name of network device inside the container,
# defaults to eth0, you could choose a name freely
# lxc.network.name = lxcnet0 

#lxc.network.hwaddr = 00:FF:AA:00:00:01




Dnsmasq

  • edit /etc/default/lxc-net

Uncomment the LXC_DHCP_CONFILE line:

# Uncomment the next line if you'd like to use a conf-file for the lxcbr0
# dnsmasq.  For instance, you can use 'dhcp-host=mail1,10.0.3.100' to have
# container 'mail1' always get ip address 10.0.3.100.
LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf

Then create the file /etc/lxc/dnsmasq.conf and add the line

dhcp-host=u1,10.0.3.10