I have initialized LXD on my local Ubuntu 21.04 box with the following settings:
$ lxd init
Would you like to use LXD clustering? (yes/no) [default=no]:
Do you want to configure a new storage pool? (yes/no) [default=yes]:
Name of the new storage pool [default=default]:
Name of the storage backend to use (btrfs, dir, lvm, zfs, ceph) [default=zfs]: btrfs
Create a new BTRFS pool? (yes/no) [default=yes]:
Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]:
Size in GB of the new loop device (1GB minimum) [default=30GB]:
Would you like to connect to a MAAS server? (yes/no) [default=no]:
Would you like to create a new local network bridge? (yes/no) [default=yes]:
What should the new bridge be called? [default=lxdbr0]:
What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]:
What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]:
Would you like the LXD server to be available over the network? (yes/no) [default=no]:
Would you like stale cached images to be updated automatically? (yes/no) [default=yes]
Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]:
$
I have followed this guide:
to set up LxdMosaic and executed:
lxc config set core.https_address [::]
lxc config set core.trust_password some-secret-string #remember this you will be asked later
but get this error inside the container:
root@lxdMosaic:~# curl https://raw.githubusercontent.com/turtle0x1/LxdMosaic/master/examples/install_with_clone.sh >> installLxdMosaic.sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:09 --:--:-- 0curl: (6) Could not resolve host: raw.githubusercontent.com
root@lxdMosaic:~# curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.21.1/bin/linux/amd64/kubectl
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:09 --:--:-- 0curl: (6) Could not resolve host: storage.googleapis.com
So it seems I cannot call out from the container. Another example based on:
https://linuxcontainers.org/lxd/getting-started-cli/#run-command-from-host-terminal
$ lxc launch ubuntu:20.04 ubuntuone
Creating ubuntuone
Starting ubuntuone
$ lxc list
+-----------+---------+------+----------------------------------------------+-----------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+-----------+---------+------+----------------------------------------------+-----------+-----------+
| lxdMosaic | RUNNING | | fd42:94d8:34c:38f8:216:3eff:fec2:891b (eth0) | CONTAINER | 0 |
+-----------+---------+------+----------------------------------------------+-----------+-----------+
| ubuntuone | RUNNING | | fd42:94d8:34c:38f8:216:3eff:fe7b:4ed5 (eth0) | CONTAINER | 0 |
+-----------+---------+------+----------------------------------------------+-----------+-----------+
$ lxc exec ubuntuone bash
root@ubuntuone:~# apt-get update
Err:1 http://archive.ubuntu.com/ubuntu focal InRelease
Temporary failure resolving 'archive.ubuntu.com'
Err:2 http://security.ubuntu.com/ubuntu focal-security InRelease
Temporary failure resolving 'security.ubuntu.com'
0% [Working]^C
What basic configuration am I missing, and how do I debug/fix it?
UPDATE:
If I disable ufw it works:
$ sudo ufw status
Status: active
$ sudo ufw disable
Firewall stopped and disabled on system startup
$ sudo ufw status
Status: inactive
$ lxc exec ubuntuone bash
root@ubuntuone:~# apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Get:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
...
Get:39 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 c-n-f Metadata [644 B]
Get:40 http://archive.ubuntu.com/ubuntu focal-backports/multiverse amd64 c-n-f Metadata [116 B]
Fetched 20.9 MB in 3s (6659 kB/s)
Reading package lists... Done
But I actually want/need to have that running. Is it a requirement for using LXD that ufw is disabled? I never had an issue with having that running when using Docker (and running similar tasks). As part of debugging this issue I uninstalled Docker, but eventually I will re-install it.