Container in LXD cluster without internet access

I have the following architecture that I am working on:

My intent is to set up a group of containers in separate LXD projects. Each container is being created one per node in the cluster within a project. On a single-node LXD instance things work perfectly. Once you use a cluster, the containers cannot connect to each other using FAN.

With OVN I manage to get the containers to talk to each other but they cannot access the internet. I followed these tutorials all with similar results:

This makes me conclude I am doing something wrong. I use root servers with Hetzner that are connected via a vSwitch. The machines in the LXD cluster have 4 interfaces:

  • 1 public
  • 2 VLAN - one for the LXD cluster and one to connect to the OVN server
  • 1 bridge interface on a VLAN interface for the UPLINK OVN network

Please any help would be greatly appreciated. I am happy to provide any config files or outputs required for debugging.

Thank you!

I had a testbed with LXC containers that also needed to talk to each other and access the internet.

My solution was:

  • connectivity in the cluster: create a bridge on each node and connect all bridges with a VXLAN.
  • outbound internet access: add forward and masquerade rules in iptables.

Here is my note:
https://www.yuque.com/wucheng-k7017/oz5hh9/eg2nkh?singleDoc# 《Setup a production-like testbed based on LXD and Kubernetes》
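The approach in the answer above (one bridge per node, all bridges joined by a VXLAN, plus forward and masquerade rules), as an added shell example that is not code from the answer or from its linked note. It assumes names of its own: bridge `lxdbr-mesh`, VNI 42, `eth1` as the private cluster VLAN carrying the VXLAN traffic, `eth0` as the public interface, and a container subnet of 10.10.0.0/24; the addresses in the usage comment are constructed. Set `DRY_RUN=1` to print the commands instead of executing them.

```shell
#!/bin/sh
# Added example, not the answer's own code: one bridge per cluster node, all
# bridges joined into a single L2 segment with a unicast VXLAN mesh, plus the
# forward/masquerade rules that give the containers outbound internet access.
# Assumed names (change to match the cluster): bridge lxdbr-mesh, VNI 42,
# eth1 = private cluster VLAN used as the VXLAN underlay, eth0 = public NIC.
# Run on every node; DRY_RUN=1 prints the commands instead of executing them.

DRY_RUN="${DRY_RUN:-0}"
BRIDGE="${BRIDGE:-lxdbr-mesh}"
VNI="${VNI:-42}"
VXLAN_DEV="vxlan${VNI}"
UNDERLAY_DEV="${UNDERLAY_DEV:-eth1}"
VXLAN_PORT=4789

# Execute a command, or print it when DRY_RUN=1.
run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# setup_mesh LOCAL_IP BRIDGE_ADDR PEER_IP...
#   LOCAL_IP    this node's address on the underlay VLAN (VXLAN source)
#   BRIDGE_ADDR this node's address on the bridge, e.g. 10.10.0.1/24; it is
#               the default gateway for the containers running on this node
#   PEER_IP...  underlay addresses of every other node
setup_mesh() {
  local_ip="$1"; bridge_addr="$2"; shift 2
  run ip link add "$BRIDGE" type bridge
  run ip addr add "$bridge_addr" dev "$BRIDGE"
  run ip link set "$BRIDGE" up
  # Unicast VXLAN: no multicast group needed, which suits a hosted VLAN.
  run ip link add "$VXLAN_DEV" type vxlan id "$VNI" local "$local_ip" \
      dstport "$VXLAN_PORT" dev "$UNDERLAY_DEV"
  # One all-zero FDB entry per peer: broadcast/unknown-unicast (ARP, DHCP)
  # is replicated to every other node; unicast MACs are learned normally.
  for peer in "$@"; do
    run bridge fdb append 00:00:00:00:00:00 dev "$VXLAN_DEV" dst "$peer"
  done
  run ip link set "$VXLAN_DEV" master "$BRIDGE"
  run ip link set "$VXLAN_DEV" up
}

# setup_nat CONTAINER_NET WAN_DEV
#   Routes container traffic out of this node's public interface and hides
#   the private subnet behind the node's public address.
setup_nat() {
  container_net="$1"; wan="$2"
  run sysctl -w net.ipv4.ip_forward=1
  run iptables -t nat -A POSTROUTING -s "$container_net" -o "$wan" -j MASQUERADE
  # Only bridge<->WAN is forwarded; replies are matched by conntrack state.
  run iptables -A FORWARD -i "$BRIDGE" -o "$wan" -j ACCEPT
  run iptables -A FORWARD -i "$wan" -o "$BRIDGE" \
      -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
}

# Stand-alone use (constructed example values):
#   NODE_IP=10.0.1.1 BRIDGE_ADDR=10.10.0.1/24 PEERS="10.0.1.2 10.0.1.3" \
#   CONTAINER_NET=10.10.0.0/24 WAN_DEV=eth0 sh mesh.sh
if [ -n "${NODE_IP:-}" ]; then
  # $PEERS is intentionally unquoted so it word-splits into one peer per arg.
  setup_mesh "$NODE_IP" "$BRIDGE_ADDR" $PEERS
  setup_nat "${CONTAINER_NET:-10.10.0.0/24}" "${WAN_DEV:-eth0}"
fi
```

Run it on each node with `NODE_IP` set to that node's own cluster-VLAN address and `PEERS` to the others; the VXLAN carries no authentication or encryption, so keep the underlay on the private VLAN rather than the public interface. Because `lxdbr-mesh` is an unmanaged bridge, LXD runs no DHCP on it: attach containers with `lxc profile device add <profile> eth0 nic nictype=bridged parent=lxdbr-mesh` and give them static addresses (or your own DHCP server), using the local node's bridge address as the default gateway, since the masquerade rule is applied per node.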

I suspect that the uplink network was not a shared L2 or did not allow ARP/NDP advertisements from the OVN virtual router.