LXD host with Arch Linux: Can't set static IP to containers via dnsmasq

spacekookie · February 8, 2018, 1:46am

For a while now I’ve been using lxc.raw to set the IP of my containers but since that’s not supported anymore I need to change that.

I’m using lxd version 2.21

Now, I’ve been confused a little since there seem to be conflicting sources on the web how to do it. From what I understood I had to write my ip/ host combos into /var/lib/lxd/networks/lxdbr0/dnsmasq.hosts. This is what I did:

# Blog container
10.130.123.10,spacekookie

But that doesn’t work. I hope someone can help me here since from different sources online (the arch wiki for example talks about /etc/dnsmasq-lxd.conf which also doesn’t seem to work for me?) it’s not really clear what to do.

Thanks

simos · February 8, 2018, 1:02pm

It looks like something else is messed up, and needs to be fixed. Specifically, the Arch container does not make an effort to obtain a DHCP lease, as if it has not been configured to do that automatically.

Here we go,

$ lxc launch images:archlinux arch
Creating arch
Starting arch               

$ lxc list ^arch$
+------+---------+------+-----------------------------------------------+
| NAME |  STATE  | IPV4 |                     IPV6                      |
+------+---------+------+-----------------------------------------------+
| arch | RUNNING |      | fd42:cba6:557e:1a5f:216:3eff:fed5:5b9b (eth0) |
+------+---------+------+-----------------------------------------------+

The container gets an IPv6 address, but does not get an IPv4 address.

Before entering the Arch container, would it take an IP address from the router instead?

$ lxc profile assign arch default,bridgeprofile
Profiles default,bridgeprofile applied to arch

$ lxc start arch
$ lxc list ^arch$
+------+---------+------+------+
| NAME |  STATE  | IPV4 | IPV6 |
+------+---------+------+------+
| arch | RUNNING |      |      |
+------+---------+------+------+

Let’s go back to the default profile and have a closer look.

$ lxc stop arch

$ lxc profile assign arch default
Profiles default applied to arch

$ lxc start arch

$ lxc list ^arch$
+------+---------+------+-----------------------------------------------+
| NAME |  STATE  | IPV4 |                     IPV6                      |
+------+---------+------+-----------------------------------------------+
| arch | RUNNING |      | fd42:cba6:557e:1a5f:216:3eff:fed5:5b9b (eth0) |
+------+---------+------+-----------------------------------------------+

Let’s do some reading, https://wiki.archlinux.org/index.php/Network_configuration#Network_managers
There are three network managers in the Archiso, and they are also present in the LXD container image for ArchLinux.

Of those three, two can automatically set up the wired interface. These are dhcpdc and netctl.

Let’s try with dhcpdc as follows. It worked, and it got a lease!

dhcpcd eth0

The old IPv6-only lease is still there, which means that another network manager is in play (systemd).
In any case, for now, you can use

lxc exec myarch -- dhcpcd eth0

to get a proper IPv4 address.

simos · February 8, 2018, 1:57pm

For debugging network issues, there are instructions at https://wiki.archlinux.org/index.php/Systemd-networkd#Usage_with_containers

spacekookie · February 8, 2018, 2:04pm

I think you misunderstood me there. I’m running LXD on an Arch Linux host! I mention that because I know Ubuntu does some things differently in that regards. But in the end, I thought the dnsmasq file was for the host.

When I manually go into a container and set a static IP that works and I’ve used that as a work-around for the moment. But I would much rather be able to set the static IPs for the containers in one central place

stgraber · February 8, 2018, 3:18pm

The right way to configure static DHCP is by using the ipv4.address property on the nic device attached to the container.

simos · February 8, 2018, 3:19pm

Okay, I changed the title from Arch Linux: Can’t set static IP via dnsmasq to the current.

Still, there is the issue of Arch containers getting automatically an IPv4 IP. I hope someone pursues that.

stgraber · February 8, 2018, 3:20pm

@simos the reason why your archlinux container isn’t getting an IPv4 address is because systemd-networkd in archlinux attempts to use the kernel keyring and fails. To workaround that, you can do:

lxc profile set default security.syscalls.blacklist "keyctl errno 38"

stgraber · February 8, 2018, 3:29pm

To answer the initial question, the following should work (assuming container called blog):

lxc network attach lxdbr0 blog eth0 eth0
lxc config device set blog eth0 ipv4.address 10.130.123.10

That will create a container-specific eth0 device on top of which you can set the ipv4.address property to the desired value. This will then cause LXD to reconfigure dnsmasq to use that for its DHCP lease.

dabeegmon · February 8, 2018, 4:00pm

With the newer systemd renaming of all kinds of things eth0 doesn’t seem to be used in my system, at least, anymore. Should one still be using eth0 even if the actual name is eno1 or ??? ?

(Hope that’s not an inappropriate question!!)

stgraber · February 9, 2018, 5:35pm

The name in the container is always eth0, regardless of what your network interfaces may be called on the host.