I have an LXD container, and I'm running Docker inside it. I set up a Docker container based on the jsloan117/docker-openvpn-client image, which was working OK with Docker installed on the host.
I’m getting
ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
as part of the container log.
I've followed the instructions in "OpenVPN in LXD Container · GitHub", which seem to give the needed capabilities to the container and share the host's tun device:
On the host
=============
lxc config set openvpn raw.lxc 'lxc.cgroup.devices.allow = c 10:200 rwm'
lxc config device add openvpn tun unix-char path=/dev/net/tun

In the container
==================
- mknod /dev/net/tun c 10 200
Here I obtain
mknod: /dev/net/tun: File exists
that I suppose is OK,
- install OpenVPN (GitHub - Nyr/openvpn-install: OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora or manual)
- edit /lib/systemd/system/openvpn@.service – comment out/remove
LimitNPROC=10
- systemctl daemon-reload or reboot container
Skipped 2 and 3 (if this is needed, how to do it in my setup?), but launched the Docker container inside the LXD container, with a known working configuration, and then restarted the LXD container. And I keep getting the error.
What can be done to get this working?
EDIT:
The part of the YAML for docker-compose
ovpn-client:
  image: jsloan117/docker-openvpn-client
  container_name: ovpn-client
  cap_add:
    - NET_ADMIN
  sysctls:
    - net.ipv6.conf.all.disable_ipv6=0
  environment:
    - OPENVPN_PROVIDER=xxxxxxx
    - OPENVPN_CONFIG=xxxxxx
    - OPENVPN_USERNAME=xxxxxx
    - OPENVPN_PASSWORD=xxxxxxx
    - LOCAL_NETWORK=192.168.5.0/24,192.168.100.0/24,10.4.0.0/24,10.6.0.0/24,10.8.0.0/24
    - PUID=0
    - PGID=0
  restart: unless-stopped
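
A diagnostic sketch added here, not part of the original post: the error above is errno=2 (ENOENT), meaning the path /dev/net/tun does not exist in the namespace where OpenVPN runs, so this check reports whether the node is missing, is the wrong type, has the wrong device number, or cannot be opened. The function name `check_tun` is hypothetical, the 10:200 device number is taken from the mknod line in the post, and GNU-style `stat -c` is assumed.

```shell
#!/bin/sh
# Added diagnostic example (not from the original post).
# check_tun is a hypothetical helper name; 10:200 is the TUN device
# number used in the mknod / cgroup lines of the post.
#
# check_tun [PATH]
# Returns: 0 usable, 1 path missing, 2 not a character device,
#          3 wrong major:minor, 4 node present but open failed.
check_tun() {
    dev="${1:-/dev/net/tun}"

    if [ ! -e "$dev" ]; then
        echo "$dev: missing (this is OpenVPN's errno=2, ENOENT)" >&2
        return 1
    fi
    if [ ! -c "$dev" ]; then
        echo "$dev: exists but is not a character device" >&2
        return 2
    fi

    # stat -c prints major/minor in hex; convert both to decimal.
    set -- $(stat -c '%t %T' "$dev")
    major=$((0x$1))
    minor=$((0x$2))
    if [ "$major" -ne 10 ] || [ "$minor" -ne 200 ]; then
        echo "$dev: device $major:$minor, expected 10:200" >&2
        return 3
    fi

    # OpenVPN opens the node read/write before configuring the
    # interface; a denial (for example by the devices cgroup)
    # shows up here as a failed open. Done in a subshell so the
    # descriptor is closed again immediately.
    if ! ( exec 3<>"$dev" ) 2>/dev/null; then
        echo "$dev: node is correct but cannot be opened" >&2
        return 4
    fi

    echo "$dev: OK (10:200, openable)"
    return 0
}
```

Run it once in the LXD container and once inside the `ovpn-client` container; the first layer that returns non-zero is where the device node is lost.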