I have an application that runs on several servers in a cluster. I am looking to access a container in A from many containers in A, B, C, D etc… Containers have different IP class than others obviously. I can’t even ping the Database Container from the other server. In the past I have been able to do this with a NoSQL via Nginx. Anyway, looking for the easiest and best way for container 240.19.0.95 to be able to access MySQL in 240.18.0.90.
The subnets you’re using suggest you’re using a fan network, is that correct?
If so, all containers would be expected to have direct IP connectivity to one another, if they don’t (as you’re indicating), then it’d probably be best to figure out what’s preventing the fan from doing its job, once resolved, that will allow direct connectivity between containers.
Can you show lxc network show lxdfan0 (assuming that’s its name).
And then ip -4 a on each of the hosts too.
Do you have firewalling going on between your hosts? I believe the fan uses VXLAN by default which would require UDP 4789 to be allowed in between the servers.
Ok, the fan config looks correct, so chances are all your problems are firewall related.
For the fan to work, I’d expect you at the very least need:
- VXLAN to be allowed through (udp/4789)
- Firewall on each of the hosts (if present) to allow FORWARD to/from the fan subnet (240.0.0.0/8) over the underlay interface (enp1s0 or enp1s0f0 in your case)
You’ll probably want to run some tcpdump on both lxdfan0 and enp1s0 to see what’s being received and sent.
ip -4 route show on the different servers may also be useful (though I remember most of the fan magic being hidden in the kernel).
I have UFW in each server and added ufw allow proto udp from any to any port 4789 to each server. Not sure if this fulfills your rule: ufw allow proto udp from any to any port 4789
I found that if I disable UFW it seems to work.
Any idea what rule to add?
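Added example, not part of the thread: the two requirements listed above (udp/4789 in, FORWARD to/from 240.0.0.0/8) written as UFW commands, with VXLAN accepted only from named cluster peers instead of from any, since VXLAN carries no authentication. The function names and the 192.0.2.x peer addresses are constructed; matching forwarded traffic by subnet rather than by interface is an assumption.

```shell
#!/bin/sh
# Dry run: prints the ufw commands so they can be reviewed, then piped to sh as root.
# Helper names and peer addresses are illustrative, not taken from the thread.

# is_ipv4 ADDR -> status 0 if ADDR is a dotted quad with every octet in 0-255
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# fan_ufw_rules UNDERLAY_IF FAN_SUBNET PEER_IP... -> one ufw command per line
fan_ufw_rules() {
    underlay=$1 fan=$2
    shift 2
    [ "$#" -gt 0 ] || { echo "need at least one peer address" >&2; return 1; }
    # Validate every peer first so a typo never yields a partial rule set
    for peer in "$@"; do
        is_ipv4 "$peer" || { echo "bad peer address: $peer" >&2; return 1; }
    done
    # Fan encapsulation: VXLAN on udp/4789, accepted only from the other hosts
    for peer in "$@"; do
        echo "ufw allow in on $underlay proto udp from $peer to any port 4789"
    done
    # UFW's default routed policy is deny; allow forwarding to/from the fan subnet
    echo "ufw route allow from $fan to any"
    echo "ufw route allow from any to $fan"
}

# Constructed sample: this host's underlay NIC and two other cluster members
fan_ufw_rules enp1s0 240.0.0.0/8 192.0.2.11 192.0.2.12
```

Run it on each host with that host's underlay interface and the addresses of the other servers, then check the result with `ufw status verbose`.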