Launch lxc container on openwrt

Armik2 · April 16, 2019, 11:19am

I’m trying to launch an LXC container on APU2 on which stands openwrt. The container is being created and even starts, but the network does not work and it’s impossible to configure it for Internet access.
here such config now:

Distribution configuration

lxc.include = /usr/share/lxc/config/ubuntu.common.conf
lxc.arch = linux64

Container specific configuration

lxc.network.type = veth
lxc.network.link = br-lan
lxc.network.flags = up
lxc.network.hwaddr = 00:16:3e:34:ea:bb
lxc.rootfs.path = dir:/srv/lxc/ubuntu/rootfs
lxc.uts.name = ubuntu

gpatel-fr · April 16, 2019, 11:43am

lxc has this nice utility lxc-checkconfig please use it and add the information posted it’s really useful to see if your kernel has all the necessary bits, especially the namespace ones.
BTW I feel your pain, Discuss has many nice features but quoting is not one of them IMO

n8v8r · April 16, 2019, 12:12pm

lxc package on OpenWRT is outdated and not actively maintained any more

bmullan · April 16, 2019, 12:18pm

Take a look at what Craig Miller has written up onXD and OpenWrt. There is a post with a link to his guide on the LXD sub-reddit…

n8v8r · April 16, 2019, 12:24pm

That looks more of running OpenWRT in a LXD container/guest rather than running a LXC/LXD guest on an OpenWRT host.

Armik2 · April 16, 2019, 12:48pm

Ie support on openwrt not foreseen???

gpatel-fr · April 16, 2019, 12:57pm

I don’t think there is official support yet but there is this project

Armik2 · April 16, 2019, 1:08pm

well.thank you.

simos · April 16, 2019, 4:08pm

With. Openwrt you would want first the kernel to be capable for running LXD. It was discussed above how to check.

Then, it is an issue of packaging LXD to a way that is usable by openwrt. In the absence of such a package, you can try to compile LXD from source and then run it. This will show any distro-specific issues.

Armik2 · April 17, 2019, 8:26am

LXD or LXC???

root@APU2:~# lxc-checkconfig
— Namespaces —
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled

— Control groups —
Cgroups: enabled

Cgroup v1 mount points:
/sys/fs/cgroup

Cgroup v2 mount points:

Cgroup v1 systemd controller: /usr/bin/lxc-checkconfig: line 167: printf \033[1; 31m: not found

Cgroup v1 freezer controller: /usr/bin/lxc-checkconfig: line 174: printf \033[1; 31m: not found

Cgroup v1 clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

— Misc —
Veth pair device: enabled, loaded
Macvlan: enabled, loaded
Vlan: enabled, not loaded
Bridges: enabled, not loaded
Advanced netfilter: enabled, not loaded
CONFIG_NF_NAT_IPV4: enabled, loaded
CONFIG_NF_NAT_IPV6: enabled, not loaded
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: missingCONFIG_NETFILTER_XT_MATCH_COMMENT: e nabled, loaded
FUSE (for use with lxcfs): enabled, loaded

— Checkpoint/Restore —
checkpoint restore: missing
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: missing
CONFIG_INET_DIAG: missing
CONFIG_PACKET_DIAG: missing
CONFIG_NETLINK_DIAG: missing
File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

simos · April 17, 2019, 9:50am

I wrote LXD but the same applies with LXC.
I see some things missing from the lxc-checkconfig output.
Since the issue is with networking, try to fix the output about networking.
In the output, it mentions that some functionality is enabled but not loaded. Therefore, load it and try again.