Assigning public IP to LXD container - not working

Hi all, I am trying to assign a public IP to one of my containers (all the others do not need a static public IP with direct access to the Internet as they are behind a proxy).
I am using Ubuntu 18.04. Here is my config and the command used to assign the IP to the container.
On the host I have configured the second IP as follows:

#HOST 01-netcfg.yaml

network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      match:
        macaddress: 0a:00:00:00:00:00
      addresses: 
        - 9x.xx.xxx.162/32 
        - 17x.xxx.xxx.186/24
      #gateway6: fe80::1 
      routes:
        - to: 0.0.0.0/0
          via: 9x.xxx.xxx.xxx
          #on-link: true
          metric: 100
        - to: 0.0.0.0/0
          via: 17x.xxx.xxx.1
          metric: 100
      nameservers:
        search: [ invalid ]
        addresses:
          - xx.xxx.xxx.252
          - xx.xxx.xxx.251

$ ip a
 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      inet 127.0.0.1/8 scope host lo
         valid_lft forever preferred_lft forever
  2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
      link/ether 00:50:56:3d:2a:a2 brd ff:ff:ff:ff:ff:ff
      inet 9x.xxx.xxx.162/32 scope global eth0
         valid_lft forever preferred_lft forever
      inet 17x.xxx.xxx.186/24 brd 17x.xxx.xxx.255 scope global eth0
         valid_lft forever preferred_lft forever
      inet6 fe80::250:56ff:fe3d:2aa2/64 scope link 
         valid_lft forever preferred_lft forever
  3: lxdbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
      link/ether 06:59:c8:fe:92:0f brd ff:ff:ff:ff:ff:ff
      inet 10.88.30.1/24 scope global lxdbr0
         valid_lft forever preferred_lft forever
      inet6 fd42:c065:1583:bbbf::1/64 scope global 
         valid_lft forever preferred_lft forever
      inet6 fe80::e0fb:3ff:fe3c:2f38/64 scope link 
         valid_lft forever preferred_lft forever
  5: veth92c4df1c@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxdbr0 state UP group default qlen 1000
      link/ether 1e:4d:e9:66:e2:19 brd ff:ff:ff:ff:ff:ff link-netnsid 0
  7: veth2399e2e3@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxdbr0 state UP group default qlen 1000
      link/ether 06:59:c8:fe:92:0f brd ff:ff:ff:ff:ff:ff link-netnsid 1
  9: veth311523ae@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxdbr0 state UP group default qlen 1000
      link/ether aa:95:58:ca:cc:46 brd ff:ff:ff:ff:ff:ff link-netnsid 2
  13: vethf380a8d0@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxdbr0 state UP group default qlen 1000
      link/ether 1a:d4:f3:04:0f:28 brd ff:ff:ff:ff:ff:ff link-netnsid 4

I used the following command to assign public IP to mycont:

 lxc config device add mycont eth0 nic nictype=ipvlan parent=eth0 ipv4.address=17x.xxx.xxx.186

Within the container (mycont) I have this:

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
14: eth0@if2: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 00:50:56:3d:2a:a2 brd ff:ff:ff:ff:ff:ff
    inet 17x.xxx.xxx.186/32 brd 255.255.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::50:5600:13d:2aa2/64 scope link 
       valid_lft forever preferred_lft forever

However, since the configuration, “mycont” can’t access the internet.
One more thing, mycont is not receiving an IP from lxdbr0 like the other containers.
Will appreciate any help to fix this.
Thanks

Hello,
Just to clarify what I am trying to do.
I have a series of containers all sharing lxdbr0 and accessible through proxy. Actually they are all working with no issue. However, one application I am installing requires the container to have a public IP. I therefore acquired a second public IP that I want to assign to that single container.

  • I tried with Netplan, adding the second IP and then assigning that second IP to lxdbr0 and later to the container - it fails.

Will appreciate any hints on how to proceed.
Thanks

Hey,

You have to route the public ip to the container and assign the ip into the container. Not only the routes of the container, but the route of your host, to redirect into the container.
You could check this thread: How to set public IPs for each container in LXD 3.0.0 & Ubuntu 18.04

See you.

If you’re using ipvlan in the container then you should not add the IP you want in the container on the host as well, as they will conflict.

The reason your container isn’t getting an IP from lxdbr0 is because when you ran

lxc config device add mycont eth0...

you replaced the bridge NIC eth0 from the default profile with your ipvlan NIC.

If you wanted to have both you would need to remove the ipvlan NIC

lxc config device remove mycont eth0

and then re-add as eth1

lxc config device add mycont eth1...

Note: However be aware that when using ipvlan it will add a default route for you to the container, run ip r inside the container to see it, and if you also have an lxdbr0 NIC then that will also configure a default route from DHCP.

So you need to be clear in your mind which NIC you plan to use for the default gateway, and potentially avoid using DHCP on eth0 (lxdbr0) and set just the internal IP you want manually without the gateway.

Please can you advise more on why the application needs a public IP, what specifically does it need?
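
The two pitfalls described in the reply above (the ipvlan address also being configured on the host, and the container ending up with two default routes) can be checked from command output. This is an added example, not part of the thread: the function names are hypothetical, and the sample addresses and route lines are constructed from documentation ranges.

```shell
#!/bin/sh
# Added example: checks for the ipvlan advice in this thread.
# On a live system, feed the functions real output instead of the samples:
#   ip -o -4 addr show | host_holds_ip <address>
#   lxc exec mycont -- ip -4 route show | default_route_devs

# Reads `ip -o -4 addr show` output on stdin.
# Exit status 0 if the given address is configured on any host interface.
host_holds_ip() {
    awk -v want="$1" '
        { for (i = 1; i < NF; i++)
              if ($i == "inet") { split($(i + 1), a, "/"); if (a[1] == want) found = 1 } }
        END { exit (found ? 0 : 1) }'
}

# Reads `ip -4 route show` output on stdin.
# Prints each device that carries a default route, one per line.
default_route_devs() {
    awk '$1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev") print $(i + 1) }' | sort -u
}

# Constructed sample: host still holds the address intended for the ipvlan NIC.
IPVLAN_ADDR=198.51.100.186
HOST_ADDRS='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 203.0.113.162/32 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet 198.51.100.186/24 brd 198.51.100.255 scope global eth0\       valid_lft forever preferred_lft forever
3: lxdbr0    inet 10.88.30.1/24 scope global lxdbr0\       valid_lft forever preferred_lft forever'

# Constructed sample: container with a bridged eth0 (DHCP) and an ipvlan eth1.
CONT_ROUTES='default via 10.88.30.1 dev eth0 proto dhcp src 10.88.30.57 metric 100
default dev eth1
10.88.30.0/24 dev eth0 proto kernel scope link src 10.88.30.57'

if printf '%s\n' "$HOST_ADDRS" | host_holds_ip "$IPVLAN_ADDR"; then
    echo "conflict: $IPVLAN_ADDR is configured on the host and on the ipvlan NIC"
fi

devs=$(printf '%s\n' "$CONT_ROUTES" | default_route_devs | tr '\n' ' ')
echo "container default routes via: $devs"
case "$devs" in
    *" "?*) echo "more than one default route: decide which NIC is the gateway" ;;
esac
```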