Troubleshooting Static IP on unmanaged bridge

smitchell · January 14, 2024, 9:05pm

I followed several threads to finally get a working static IP address on my unmanaged bridge, br0, but it feels like I made it too complex. Can somebody give this a quick scan and tell me what I can do to simplify this?

In a nutshell, I run “incus config device set kubeadm-leader eth0 security.ipv4_filtering=true ipv4.address=10.0.0.100,” but that doesn’t produce an IP address, it’s blank. I still have to go into Netplan and configure it. So, what is the point in running the command to assign the IP if I just set it with Netplan anyway?

Here is the Incus Profile.

config: {}
description: Unmanaged  Bridge Incus profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: br0
    type: nic
  root:
    path: /
    pool: default
    type: disk
name: homelab

I started with these commands.

incus launch images:ubuntu/22.04 kubeadm-leader --profile homelab
incus stop kubeadm-leader
incus network attach br0 kubeadm-leader eth0 eth0 
incus config device set kubeadm-leader eth0 security.ipv4_filtering=true ipv4.address=10.0.0.100
incus start kubeadm-leader
incus list

At this point, the Linux container is running, but it has no IP address assigned. To fix that, I edit /etc/netplan/10-lxc.yaml like this.

network:
  version: 2
  ethernets:
    eth0:
      dhcp4: false
      dhcp-identifier: mac
      addresses: [10.0.0.100/16]
      nameservers:
         addresses:
         - 10.0.0.8
         - 10.0.0.9
         - 10.0.0.1
         search: [byteworksinc.com]
      routes:
         - to: default
           via: 10.0.0.1
      mtu: 1500

That gives me an IP address and makes the Linux container accessible.

 # ip a show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
66: eth0@if67: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:16:3e:02:41:8f brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 10.0.0.100/16 brd 10.0.255.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::216:3eff:fe02:418f/64 scope link
       valid_lft forever preferred_lft forever

Is there a more straightforward way?

stgraber · January 15, 2024, 2:17am

Your bridge being unmanaged, Incus cannot handle the static IP for you.

You indeed either need to do it yourself through netplan or by using a container image which supports cloud-init and then provide basically the same netplan configuration to the container through cloud-init.

ipv4.address/ipv6.address on the NIC, only tells Incus to configure a static DHCP lease for the instance. This only works when Incus is in charge of DHCP and the instance itself uses DHCP too.