LXD containers doesn't have IPV4 address and cant access to network (bridge)

thepenguinthatwants · June 2, 2020, 6:17pm

Hi guys!

I think this might be quite common problem earlier but based on the stuff I read I couldnt solve this.

lxc list

+--------+---------+------+------+-----------+-----------+
|  NAME  |  STATE  | IPV4 | IPV6 |   TYPE    | SNAPSHOTS |
+--------+---------+------+------+-----------+-----------+
| gitea  | RUNNING |      |      | CONTAINER | 0         |
+--------+---------+------+------+-----------+-----------+
| ubuntu | RUNNING |      |      | CONTAINER | 0         |
+--------+---------+------+------+-----------+-----------+

lxc network list

+---------+----------+---------+-------------+---------+
|  NAME   |   TYPE   | MANAGED | DESCRIPTION | USED BY |
+---------+----------+---------+-------------+---------+
| docker0 | bridge   | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| enp25s0 | physical | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| lxdbr0  | bridge   | YES     |             | 2       |
+---------+----------+---------+-------------+---------+
| virbr0  | bridge   | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| wlan0   | physical | NO      |             | 0       |
+---------+----------+---------+-------------+---------+

From
lxc profile edit default

config: {}
description: Default LXD profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: lxdbr0
    type: nic
  root:
    path: /
    pool: default
    type: disk
name: default
used_by:
- /1.0/instances/ubuntu
- /1.0/instances/gitea

For some reasons my user belongs to lxd group but I cant run lxd init. Tried relogin and reboot. From groups command I can see myself beloing to lxd group.

Earlier ran

sudo lxd init and practically enter all the things as I only use default settings.

Altho I’ve earlier got

failed to mount /org/freedesktop/UDisks2/block_devices/loop0: GDBus.Error:org.freedesktop.UDisks2.Error.NotAuthorizedCanObtain: Not authorized to perform operation

I solved it by disabling udiskie. And the error never repeated.

My computer uses archlinux. And my subuid subgid settings are based from https://wiki.archlinux.org/index.php/LXD

uname -a
Linux archlinux 5.6.15-arch1-1 #1 SMP PREEMPT Wed, 27 May 2020 23:42:26 +0000 x86_64 GNU/Linux

ALSO noticed that containers couldnt access internet.

connect: Network is unreachable

thepenguinthatwants · June 2, 2020, 6:37pm

Also now that I checked

systemctl status lxd

Jun 02 21:35:27 archlinux systemd[1]: Starting LXD Container Hypervisor...
Jun 02 21:35:27 archlinux lxd[1444]: t=2020-06-02T21:35:27+0300 lvl=warn msg="AppArmor support has been disabled because of lack of kernel support"
Jun 02 21:35:27 archlinux lxd[1444]: t=2020-06-02T21:35:27+0300 lvl=warn msg=" - Couldn't find the CGroup blkio.weight, I/O weight limits will be ignored"
Jun 02 21:35:28 archlinux dnsmasq[2293]: failed to create listening socket for 10.18.193.1: Address already in use
Jun 02 21:35:28 archlinux dnsmasq[2293]: FAILED to start up
Jun 02 21:35:29 archlinux systemd[1]: Started LXD Container Hypervisor.

Not sure what causes this or even how to further solve this.

toby63 · June 2, 2020, 7:55pm

One more time: Don’t run this single command as user, always run this single command as root.

Update: Is related to the dnsmasq error, so you need to solve that first.
See second comment of me.
Then the below steps are maybe not necessary.

Well, try to see arch troubleshooting first:
https://wiki.archlinux.org/index.php/LXD#No_IPv4_with_systemd-networkd

And then give some more details.
How did you create the bridge?
I would suggest you let lxd create a new bridge with:
lxc network create
See details here:

github.com

lxc/incus/blob/main/doc/networks.md

(networking)=
# Networking

```{toctree}
:maxdepth: 1

/explanation/networks
Create and configure a network </howto/network_create>
Configure a network </howto/network_configure>
Configure network ACLs </howto/network_acls>
Configure network forwards </howto/network_forwards>
Configure network zones </howto/network_zones>
Configure Incus as BGP server </howto/network_bgp>
Display Incus IPAM information </howto/network_ipam>
/reference/network_bridge
/reference/network_ovn
/reference/network_external
Increase bandwidth <howto/network_increase_bandwidth>
```

github.com

lxc/incus/blob/main/doc/instances.md

(instances)=
# Instances

```{toctree}
:titlesonly:

explanation/instances.md
Create instances <howto/instances_create.md>
Manage instances <howto/instances_manage.md>
Configure instances <howto/instances_configure.md>
Back up instances <howto/instances_backup.md>
Use profiles <profiles.md>
Use cloud-init <cloud-init>
Run commands <instance-exec.md>
Access the console <howto/instances_console.md>
Access files <howto/instances_access_files.md>
Add a routed NIC to a VM </howto/instances_routed_nic_vm.md>
Troubleshoot errors <howto/instances_troubleshoot.md>
explanation/instance_config.md
Container environment <container-environment>

This file has been truncated. show original

Also you can try two things:

Try a different network method than bridge.
Try to use the snap package for lxd.

toby63 · June 2, 2020, 8:06pm

Looks like a problem with dnsmasq, try to search a little;
I found this for example:

Update:
You could also try this:

For everything else, somebody else might be a better help.

tomp · June 3, 2020, 8:38am

You likely have some other service listening on the wildcard address for either DNS or DHCP on your LXD host.

If you run netstat -ulpn and look for services listening on port 53, 67 or 68 then this is likely going to show you the offending process.

thepenguinthatwants · June 4, 2020, 8:13pm

Hmm Adding
/etc/dnsmasq.d/lxd

except-interface=lxdbr0

Didnt help.

Adding
/etc/NetworkManager/NetworkManager.conf

 [main]
 dns=dnsmasq

dnsmasq: spawn: dnsmasq process 4843 exited with error: Network access problem (address in use, permissions) (2)

I guess the problem is in dnsmasq and it needs to be configured somehow. At least on the right track I guess

thepenguinthatwants · June 4, 2020, 8:14pm

➜ netstat -ulpn

I get

(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 0.0.0.0:53              0.0.0.0:*                           -
udp        0      0 0.0.0.0:67              0.0.0.0:*                           -
udp6       0      0 :::53                   :::*                                -

Not really understanding if the output gives that much info.

thepenguinthatwants · June 4, 2020, 8:18pm

Okay this is weird.

sudo systemctl stop dnsmasq
sudo systemctl restart lxd

sudo systemctl start dnsmasq

FAILS

Jun 04 23:15:32 archlinux systemd[1]: dnsmasq.service: Scheduled restart job, restart counter is at 5.
Jun 04 23:15:32 archlinux systemd[1]: Stopped dnsmasq - A lightweight DHCP and caching DNS server.
Jun 04 23:15:32 archlinux systemd[1]: dnsmasq.service: Start request repeated too quickly.
Jun 04 23:15:32 archlinux systemd[1]: dnsmasq.service: Failed with result ‘exit-code’.
Jun 04 23:15:32 archlinux systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.

So when dnsmasq is stopped I get ip address on the container… not sure what it affects if I dont use dnsmasq service. As it was listed as dependency to lxd.

stgraber · June 5, 2020, 3:21am

dnsmasq-base is a dependency of LXD as we use the dnsmasq binary, the dnsmasq package which ships the system-wide dnsmasq service is NOT a dependency of LXD and in fact interferes with it.