Hello i have a small Qustion.
I Guess i am doing something wrong but not sure what.
So i Create a New Network with
lxc network create lxd
Then i add that to a Profile as lxd0 and restart the containers. They will get an ipv6 but not a ipv4 address. I tryed to enable ipv4.dhcp and dhcp range but that didnt help either.
Hi!
When you create a managed network (as you did with lxc network created lxd0), you get a DHCP server from LXD (not a system DHCP server).
If you have some other DHCP server on your host, it may conflict with the one by LXD.
So, show us the output of
lxc network listlxc network show lxd0sudo lsof -i :53 (on the host)Thanks for the answer. Here is what you neded.
Im not sure if its a bug or just me
config:
ipv4.address: 10.154.214.1/24
ipv4.nat: "true"
ipv6.address: fd42:4f83:c0f1:edef::1/64
ipv6.nat: "true"
description: ""
name: lxd0
type: bridge
used_by: []
managed: true
status: Created
locations:
- master1
+------+----------+---------+-------------+---------+---------+
| NAME | TYPE | MANAGED | DESCRIPTION | USED BY | STATE |
+------+----------+---------+-------------+---------+---------+
| eth0 | physical | NO | | 0 | |
+------+----------+---------+-------------+---------+---------+
| lxd0 | bridge | YES | | 0 | CREATED |
+------+----------+---------+-------------+---------+---------+
and there is no ouput on lsof -i
also have deleted all Containers since they werent working
I assume that you are using Ubuntu, and have either the deb package of LXD, or the snap package of LXD. If that is not the case, then tell us.
The command to show (on the host) what processes are listening on port 53 (domain), is the following.
sudo lsof -i :53
If you do not get anything in the output, then something is wrong.
You might get Command not found or something. If you get that, you are supposed to sudo apt install lsof.
What Linux distribution are you using for the container?
I am using Ubuntu 19.10 and here is the output.
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME systemd-r 663 systemd-resolve 12u IPv4 31267 0t0 UDP localhost:domain systemd-r 663 systemd-resolve 13u IPv4 31268 0t0 TCP localhost:domain (LISTEN) dnsmasq 1448 lxd 8u IPv4 36347 0t0 UDP ubu01:domain dnsmasq 1448 lxd 9u IPv4 36348 0t0 TCP ubu01:domain (LISTEN) dnsmasq 1448 lxd 10u IPv6 36349 0t0 UDP ubu01:domain dnsmasq 1448 lxd 11u IPv6 36350 0t0 TCP ubu01:domain (LISTEN) dnsmasq 1448 lxd 12u IPv6 36351 0t0 UDP ubu01:domain dnsmasq 1448 lxd 13u IPv6 36352 0t0 TCP ubu01:domain (LISTEN) dnsmasq 7757 lxd 8u IPv4 49314 0t0 UDP ubu01:domain dnsmasq 7757 lxd 9u IPv4 49315 0t0 TCP ubu01:domain (LISTEN) dnsmasq 7757 lxd 10u IPv6 49316 0t0 UDP ubu01:domain dnsmasq 7757 lxd 11u IPv6 49317 0t0 TCP ubu01:domain (LISTEN) dnsmasq 7757 lxd 12u IPv6 49318 0t0 UDP ubu01:domain dnsmasq 7757 lxd 13u IPv6 49319 0t0 TCP ubu01:domain (LISTEN)
I also tried my steps in the test area of LXD but same resulPreformatted textt cannot get an ip address. Im prety sure i am doing something wrong. What did i do. Create new network. network to profile, add profile to new container. No IP, set ipv4.dhcp, no ip, edited network and added parent eth0, no ip. What am i doing wrong?
Please can you show output of:
lxc config show <container> --expanded
Thanks
Here you go. Didnt know you could look at it thanks for the tip!
architecture: x86_64
config:
image.architecture: amd64
image.description: ubuntu 18.04 LTS amd64 (release) (20200129.1)
image.label: release
image.os: ubuntu
image.release: bionic
image.serial: "20200129.1"
image.type: squashfs
image.version: "18.04"
volatile.base_image: 9e7158fc0683d41f7f692ce8b17598716d7eee925c6a593432df59488bf4131f
volatile.eth0.host_name: maceb847ce2
volatile.eth0.hwaddr: 00:16:3e:41:e8:cb
volatile.eth0.last_state.created: "false"
volatile.idmap.base: "0"
volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
volatile.last_state.power: RUNNING
volatile.lxd0.host_name: vethd558a5d4
volatile.lxd0.hwaddr: 00:16:3e:25:97:2b
volatile.lxd0.name: eth1
volatile.test.host_name: veth6393cf99
volatile.test.hwaddr: 00:16:3e:3b:1e:5b
volatile.test.name: eth2
devices:
eth0:
name: eth0
nictype: macvlan
parent: eth0
type: nic
lxd0:
nictype: bridged
parent: lxd0
type: nic
root:
path: /
pool: local
type: disk
test:
nictype: bridged
parent: test
type: nic
ephemeral: false
profiles:
- default
- land
stateful: false
description: ""
The container gets three network interfaces,
eth0 (macvlan), which must get an IP address from your host’s network, and cannot get it from an LXD managed network.lxd0 (bridged to an interface lxd0 , LXD should give an IP address here), andtest (that must exist on the host and have a dedicated independent DHCP server already running, because there is no managed LXD network with the name test).Therefore, for eth0 with macvlan to work, your computer should not connect to the network with WIFI because WIFI security (WPA) does not allow more than one MAC address to connect to the WiFI router. In addition, if you use LXD inside a virtual machine (KVM, VMWare, VirtualBox), it will probably not work because by default because these virtualization environment require specific configuration for macvlan.
The interface lxd0 should work and get an IP address, but I do not know whether the container sticks to the first network interface (which cannot get an IP address) and ignores the rest. This is up to the container image, and whether it tries to use DHCP only for the eth0, or tries all available interfaces.
The interface test should give you the error Error: Common start logic: Failed to start device ‘test’: Parent device ‘test’ doesn’t exist if there is not test network interface on the host.
I suggest to clean up the list of network interfaces.
If you read a guide on setting up network interfaces for LXD, which one was it? We might be able to help get it better by explaining more about network interfaces.
Thanks! I tried it on my productin system with no macvlan only a bridge and it worked. I Guess what you were saying is kinda the key. My only remaining question is why this still did not work in the testing enviorment of LXD since it gets an ip address over MCVLAN but not over a second connected bridge.
I Have read this guide:
https://lxd.readthedocs.io/en/latest/networks/
And i have also gone through some of your guides.
I also have one small question, I can add a conection to a container via:
lxc config device add proxy myport80 proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80
is it posible to set
listen=tcp:0.0.0.0:9999 connect=10.10.10.2:80
as of the container? since i have multiple game server which i want to put into containers and dont want to screw with the config. Like in Docker port forwarding?
For the first question, it is up to the container image whether it will try to DHCP the configuration of an interface. The instructions are found in /etc/netplan/. I think the default is to do just eth0.
You can affect this file and make Ubuntu to get an IP address from additional interfaces by using cloud-init in your LXD profile. The configuration you will put in the LXD profile will make it into the netplan configuration in the container. It is really neat.
On the second question, you want to specify the allocated IP of the container instead of localhost?
You can definitely do so, but I think it is cleaner to use the localhost. Because if the IP address changes, you do not need to edit the proxy device. It is a matter of personal preference in the end.
Thanks, What i was trying to do yesturday to give a container a Public IPV6 that didnt seem to work. I cant just add a proxy since i want every container to have their owen public ipv6? Is that currently posible?
As well as using the proxy, there are several options for getting public IPs into containers (which the proxy doesn’t really achieve, as the source address of outbound connections from the container will not use the public IP):
The default bridged network created by lxd, called lxdbr0 works like the last option, but because it is not connected to the wider parent network, your containers will not get public IPs, and will re-use the host’s IP for outbound connections (NAT).
So you can see that there are various options, but the best option will depend on your requirements and any restrictions that your network provider enforces.
Thanks!
I had a similar problem - ip6 address was allocated but ip4 address was not allocated reliably. I solved it by re-initializing the lxd snap and specifying not to use ip6 addresses. The default is to enable both ip4 and ip6.
$ sudo lxd init
Would you like to use LXD clustering? (yes/no) [default=no]:
Do you want to configure a new storage pool? (yes/no) [default=yes]: yes
Name of the new storage pool [default=default]:
Name of the storage backend to use (dir, lvm, zfs, ceph, btrfs) [default=zfs]: dir
Would you like to connect to a MAAS server? (yes/no) [default=no]:
Would you like to create a new local network bridge? (yes/no) [default=yes]:
What should the new bridge be called? [default=lxdbr0]:
What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]:
What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: none
Would you like LXD to be available over the network? (yes/no) [default=no]:
Would you like stale cached images to be updated automatically? (yes/no) [default=yes] no
Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: yes
config:
images.auto_update_interval: "0"
networks:
- config:
ipv4.address: auto
ipv6.address: none
description: ""
name: lxdbr0
type: ""
project: default
storage_pools:
- config: {}
description: ""
name: default
driver: dir
profiles:
- config: {}
description: ""
devices:
eth0:
name: eth0
network: lxdbr0
type: nic
root:
path: /
pool: default
type: disk
name: defaultHello.
I have a simmilar problem. After I’ve reinstalled lxd and re-inited lxd, with IPv6=none I have neither I have IPv4 in containers, nor IPv6.
lxc list
+--------+---------+------+------+-----------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+--------+---------+------+------+-----------+-----------+
| test01 | RUNNING | | | CONTAINER | 0 |
+--------+---------+------+------+-----------+-----------+
lxc network list
+--------+----------+---------+----------------+------+-------------+---------+
| NAME | TYPE | MANAGED | IPV4 | IPV6 | DESCRIPTION | USED BY |
+--------+----------+---------+----------------+------+-------------+---------+
| enp3s0 | physical | NO | | | | 0 |
+--------+----------+---------+----------------+------+-------------+---------+
| lxcbr0 | bridge | NO | | | | 0 |
+--------+----------+---------+----------------+------+-------------+---------+
| lxdbr0 | bridge | YES | 10.46.233.1/24 | none | | 2 |
+--------+----------+---------+----------------+------+-------------+---------+
| virbr0 | bridge | NO | | | | 0 |
+--------+----------+---------+----------------+------+-------------+---------+
| wlp2s0 | physical | NO | | | | 0 |
+--------+----------+---------+----------------+------+-------------+---------+
lxc network show lxdbr0
config:
ipv4.address: 10.46.233.1/24
ipv4.nat: "true"
ipv6.address: none
description: ""
name: lxdbr0
type: bridge
used_by:
- /1.0/instances/test01
- /1.0/profiles/default
managed: true
status: Created
locations:
- none
sudo lsof -i :53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 3410 systemd-resolve 12u IPv4 47560 0t0 UDP localhost:domain
systemd-r 3410 systemd-resolve 13u IPv4 47561 0t0 TCP localhost:domain (LISTEN)
tor 4285 debian-tor 7u IPv4 52512 0t0 UDP localhost:domain
dnsmasq 5375 libvirt-dnsmasq 5u IPv4 56059 0t0 UDP nb:domain
dnsmasq 5375 libvirt-dnsmasq 6u IPv4 56060 0t0 TCP nb:domain (LISTEN)
dnsmasq 5700 lxc-dnsmasq 6u IPv4 57616 0t0 UDP nb:domain
dnsmasq 5700 lxc-dnsmasq 7u IPv4 57617 0t0 TCP nb:domain (LISTEN)
dnsmasq 133909 lxd 6u IPv4 1127038 0t0 UDP nb:domain
dnsmasq 133909 lxd 7u IPv4 1127039 0t0 TCP nb:domain (LISTEN)
I think that lxc-dnsmasq is listening on the lxdbr0 network interface.
To verify, run the following. It will show the IP address of the interfaces. You want to verify which process is listening on 10.46.233.1 on port domain/53.
sudo lsof -n -i :53
sudo lsof -n -i :53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 3410 systemd-resolve 12u IPv4 47560 0t0 UDP 127.0.0.53:domain
systemd-r 3410 systemd-resolve 13u IPv4 47561 0t0 TCP 127.0.0.53:domain (LISTEN)
tor 4285 debian-tor 7u IPv4 52512 0t0 UDP 127.0.0.1:domain
dnsmasq 5375 libvirt-dnsmasq 5u IPv4 56059 0t0 UDP 192.168.122.1:domain
dnsmasq 5375 libvirt-dnsmasq 6u IPv4 56060 0t0 TCP 192.168.122.1:domain (LISTEN)
dnsmasq 5700 lxc-dnsmasq 6u IPv4 57616 0t0 UDP 10.0.3.1:domain
dnsmasq 5700 lxc-dnsmasq 7u IPv4 57617 0t0 TCP 10.0.3.1:domain (LISTEN)
dnsmasq 199103 lxd 6u IPv4 2085538 0t0 UDP 10.20.110.1:domain
dnsmasq 199103 lxd 7u IPv4 2085539 0t0 TCP 10.20.110.1:domain (LISTEN)
I do not see here a reference to the network 10.46.233.1, which came from the output of the lxc network list command. Here, LXD (i.e. its dnsmasq) is listening on 10.20.110.1.
If this discrepancy is not due to a possible reinstall of LXD, then someone more knowledgeable should look into this.
If you do not use LXC, you can remove those packages. You would be using LXC if you run the command lxc-create to create containers.
Yes, it’s because I’ve reinstalled lxd. Will the deletion of lxcbr0 solve this problem?
Maybe I need to use static IPs in containers? How to do that?