LXD gives out the same IP address to a container based on their MAC address.
In practice, the a container would get the same IP address.
These associations can be found in
/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.hosts/ (MAC<->container name).
/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.leases (the leases).
I think the issue is, do these leases ever expire?
The configuration file for dnsmasq in LXD (snap) is at
/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.raw
It’s the same for IPv6 but that only works if you use DHCPv6 in stateful mode, which isn’t the default.
For that, you’d need to set ipv6.dhcp.stateful=true on your bridge and then configure your container to use DHCPv6 to configure its network (that varies between distros).
For some reason, I can’t change the IPv6 after setting it up the first time. The CT keeps the first IPv6. Is it an issue on the CT’s side or something about the leases?
I am still stuck at where is /etc/default/lxd-bridge. Using Ubuntu Server 17.10, no snap. Can I install the snap on top of the current system or do In need to remvoe local lxd first?
To pass public IPs from the host to the container, you can either have them added to your host and NAT to your container’s IP, or (usually cleaner), route the IPs or subnets to your bridge, using the ipv4.routes option on the bridge and then adding it to the container with something like ip -4 addr add ADDRESS/32 dev eth0 (or the distribution network equivalent of that).
I am running 17.10 which has lxc/lxd v2.0.11. This does use lxc network. I think my installation got corrupted. I tied to unstall lxd lxc and got this.
$ sudo apt remove lxc lxd
Package ‘lxc’ is not installed, so not removed
The following packages will be REMOVED:
lxd
When I installed lxd from snapcraft
$ lxd --version
2.21
$ lxc --version
2.18
$ lxc start c2
Connection refused; is LXD running?
$ sudo service lxd start
Failed to start lxd.service: Unit lxd.service is masked.
For anyone with the same issue:
After upgrading from 2.0.x to 3.0.x (xenial -> bionic) then to 3.3 (snap), I was unable to get externally set static ip addresses to work, until I removed the following settings from the bridge config:
lxc network unset lxdbr0 raw.dnsmasq
lxc network unset lxdbr0 dns.mode
Hi all, so going on the 2 posts above from @simos, am I right to assume that the internal IP addresses given to containers by lxdbr0 are static for all practical intents and purposes?
I’m thinking about running commands like this to enable ssh access from my laptop to a specific container
In practice I have not seen a container get a different IP address when it was restarted.
It is quite important to keep check of IP changes when you use iptables to forward connections from the host to a container (Because from container to container you can just use the hostnames).
In your case I would perform tests such as changing the time of the system when a container is about to start again to see whether it gets a new IP address.
However, if you are going to use the LXD proxy device, you do not need to worry about the IP address of the container. Because instead of specifying the IP address of the container, you can just type localhost.
For the host IP address, if you specify 0.0.0.0, then LXD will bind to all interfaces (as long as the port is free on each interface). If you have many network interfaces, you may want to just be explicit here.
Hi Simos, thank you, interesting… I’ll have a play around… I want to ssh into various containers on the same host, so I suspect I’ll need to have different ports for ssh on each container…