I am trying to set up a samba domain server and a samba file server each in its own lxc container using XUbuntu LTS.
I have tried several approaches and the best I’ve forn is this:
Is there a better way?
Mike
Have you tried / though about a network bridge instead ?
Yeah I wouldn’t run samba domain controllers or file servers in containers, each to there own though (I think i may have even encountered errors doing so)
I have tried several approaches including bridges and vlans and combinations of them.
In each case I had problems either setting up a static ip or connecting the containers to the ethernet.
If anyone knows of a good tutorial I would be appreciative.
Mike
You want to create system containers and have them exposed directly to your LAN. That is, these containers will get an IP address from your LAN’s router, or, if you insist, setup yourself manually static IP addresses in each of them. If you have access to your LAN’s router, you can configure it to give the same IP address for each of your system container. If instead, you want to set static IP address in each container, then this is up to you to get correct as LXD is not involved at all.
You can expose system containers to your LAN, using either a bridge or macvlan, when you connect your computer to the LAN with an Ethernet cable and NOT through WiFi. Because with a WiFi connection, only a single MAC address is accepted by your WiFi router coming from your host (due to WPA, etc).
If you have a router that is too smart and secure, it might enforce port security, which means that even with a cable connection, it only accepts a single MAC address from your host (so your containers are not visible on the LAN).
While macvlan is easier to setup, it has a feature that the host cannot access any of the macvlan containers. If that is a problem, use a bridge.
In one incarnation I had the following in my netplan but I couldn’t figure out how to set up bridges to expose the vlans inside the containers:
network:
ethernets:
enp1s0: # host
addresses: [ 192.168.2.4/24 ]
gateway4: 192.168.2.1
nameservers:
addresses: [ 8.8.8.8, 8.8.4.4 ]
vlans:
vlan-files:
link: enp1s0
id: 1
addresses: [ 192.168.2.5/24 ]
vlan-domain:
link: enp1s0
id: 2
addresses: [ 192.168.2.6/24 ]While ease of implementation and repeatability are both important, being able to reach the containers from the host is desireable, but not mandatory.
As it stands, I can create my two containers thusly…
lxc profile create macvlan
lxc profile device add macvlan eth0 nic nictype=macvlan parent=enp1s0
lxc profile device add macvlan root disk path=/ pool=default
lxc launch ubuntu:bionic/amd64 files -p macvlan
lxc file push static-ip-files.yaml files/etc/netplan/staticIP.yaml
lxc exec files netplan apply
lxc launch ubuntu:bionic/amd64 domain -p macvlan
lxc file push static-ip-domain.yaml domain/etc/netplan/staticIP.yaml
lxc exec domain netplan apply
lxc stop --all
lxc start --all
I would prefer to use bridged connections to avoid the reachability issue, but how do I create multiple bridged connections to a single lan card, each with its own ip address?