Static IP on LXD container

aloneagainor · February 3, 2022, 9:05pm

Apologies if that has been answered before but I’ve been digging through documentation and various forums for hours now and I can’t seem to find a definitive solution.

Essentially, I am able to assign static IPs for LXC containers through the container’s confi but I cannot seem to use the same method to assign static IPs on LXD containers.

My LXC host is running Debian and the containers are connected to an OS managed bridge. There is no DHCP on the container network and the bridge is configured as follows:

auto br1
iface br1 inet manual
        bridge_ports ens19
        bridge_fd 0
        bridge_maxwait 0

An example of a container’s config is:

lxc.apparmor.profile = unconfined
lxc.apparmor.allow_nesting = 1
lxc.rootfs.path = dir:/home/dv-smtp-1/rootfs

# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
lxc.start.auto = 1

# Container specific configuration
lxc.tty.max = 4
lxc.uts.name = dv-smtp-1
lxc.arch = amd64
lxc.pty.max = 1024
lxc.net.0.type = veth
lxc.net.0.link = br1
lxc.net.0.flags = up
lxc.net.0.ipv4.address = 10.0.4.211/24
lxc.net.0.ipv4.gateway = 10.0.4.1

Within the container, /etc/network/interfaces is configured like so:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

Using this method, the container’s IP is configured correctly, as we can see below:

root@dv-smtp-1:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 02:68:1e:2a:c7:61 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.0.4.211/24 brd 10.0.4.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::68:1eff:fe2a:c761/64 scope link 
       valid_lft forever preferred_lft forever

I’m now building a second host and I want to use LXD instead of LXC. This second host is running Alpine but the OS managed bridge is configured in the same way as the Debian host.

No matter what I’ve tried so far, I cannot seem to replicate my working LXC configuration on LXD. I get “Unknown configuration key: raw.lxc.net.0.ipv4.address” when I try to add the IP directly to the container’s config.
I tried assigning an IP in the device properties section within the container but get this message: "Cannot use manually specified ipv4.address when using unmanaged parent bridge"
I’ve tried creating a managed MACVLAN network but this network type doesn’t seem to support assigning the IP address in the container config.

What is the best way to replicate my LXC setup on LXD?

fback · February 4, 2022, 12:49pm

You can try the routed nictype.

tomp · February 8, 2022, 10:12am

See also

fback · February 8, 2022, 12:18pm

Alternative to use cloud-init / profiles in this case is remove Netplan or NetworkManager, like a:

# Ubuntu 20.04
apt remove netplan.io
rm /etc/resolv.conf && echo 'nameserver 8.8.8.8' > /etc/resolv.conf

The IP setting is handled by LXD, the network manager has nothing to do. I use this solution for ipvlan nictype.

aloneagainor · February 14, 2022, 4:14pm

Thanks for all the suggestions and apologies for the delayed reply.

I’m using Terraform to provision the LXD profiles and containers and it doesn’t look like the LXD Terraform provider supports the routed NIC type, unless I’ve missed something obvious.

I ended up using an unmanaged Linux bridge as the NIC and uploading the contents of /etc/network/interfaces via Terraform, before the container starts for the first time. It’s a bit hacky but it does work and allows the network configuration to be stored as code.