I’m very excited about LXC and LXD but still trying to find my way with it. Currently I’m implementing a script to automate setup of LXD and dnsmasq. To that end I’m reading network info from /etc/default/lxd-bridge[.upgraded].
It seems that this file sometimes has the .upgraded prefix and sometimes not. To make my script portable I’d like to understand what the rules are for the name of this file.
Or maybe I’m doing it wrong and my script should read the bridge interface configuration from another source?
LXD 2.0.x doesn’t support network configuration itself. Instead configuration is done through the packaging system and stored in /etc/default/lxd-bridge.
LXD 2.3 and higher have native support for network configuration in the API, making /etc/default/lxd-bridge obsolete. On package upgrade, the configuration in /etc/default/lxd-bridge is converted to native LXD configuration and the file is then renamed to lxd-bridge.upgraded to indicate that the upgrade was performed, doesn’t need to be run again and that the settings in there will not be read again.
So your logic should be to check if the “lxc network” set of commands exists (or look for the “network” API extension as reported by the daemon). If that’s available, then use that to configure LXD networking.
If it’s not, then configure through /etc/default/lxd-bridge.
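The selection logic from this answer, as an added example (not code from the thread or from the LXD project). It assumes `lxc info` prints the daemon's `api_extensions` as a YAML list; the function names and sample values are made up for illustration, and the defaults file is parsed rather than sourced so that a provisioning script running as root never executes it.

```shell
#!/bin/sh
# Added example: decide where LXD bridge settings should be read from.
set -eu

# has_network_extension INFO_TEXT
# True only when "network" appears as an exact list item, so entries such
# as "network_routes" on their own do not count.
has_network_extension() {
    printf '%s\n' "$1" |
        grep -Eq '^[[:space:]]*-[[:space:]]+network[[:space:]]*$'
}

# defaults_value FILE KEY
# Print the value of KEY="value" from a shell-style defaults file without
# sourcing it. Lines that are not a plain assignment yield nothing.
defaults_value() {
    sed -n "s/^$2=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*\$/\1/p" "$1" |
        tail -n 1
}

# bridge_config_source INFO_TEXT [DEFAULTS_DIR]
# Prints "api", "defaults-file" or "none".
bridge_config_source() {
    if has_network_extension "$1"; then
        # LXD 2.3+: query the daemon, e.g.
        #   lxc network get lxdbr0 ipv4.address
        echo "api"
    elif [ -f "${2:-/etc/default}/lxd-bridge" ]; then
        # LXD 2.0.x: settings live in the packaging-managed file, e.g.
        #   defaults_value /etc/default/lxd-bridge LXD_IPV4_ADDR
        echo "defaults-file"
    else
        # lxd-bridge.upgraded is only a marker and is never read again.
        echo "none"
    fi
}

# Constructed sample inputs (not captured from a real daemon).
SAMPLE_INFO_NEW='api_extensions:
- id_map
- network
- network_routes'
SAMPLE_INFO_OLD='api_extensions:
- id_map'

# Typical call on a real host: bridge_config_source "$(lxc info)"
```
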
With help from you and simos (DNS for LXC containers) I’ve got it working. Here is the (abbreviated) script I use to provision an Ubuntu 16.04 Vagrant box:
#! /usr/bin/env bash
set -euo pipefail
IFS=$'\t\n'
export DEBIAN_FRONTEND=noninteractive
apt-get update --yes --quiet
apt-get upgrade --yes --quiet
# Upgrade and setup LXD
apt-get install --yes --quiet --target-release=xenial-backports lxd
lxd init --auto
lxc network create lxdbr0 \
    ipv4.address=auto \
    ipv4.nat=true \
    ipv6.address=auto \
    ipv6.nat=true
lxc network attach-profile lxdbr0 default
# Install and setup dnsmasq
apt-get install --yes --quiet dnsmasq
lxd_bridge="lxdbr0"
lxd_ipv4_addr="$(
    lxc network get "${lxd_bridge}" ipv4.address |
        cut \
            --delimiter='/' \
            --fields=1
)"
# Create dnsmasq configuration from template
echo "
# Tell any system-wide dnsmasq instance to make sure to bind to interfaces
# instead of listening on 0.0.0.0
# WARNING: changes to this file will get lost if lxd is removed.
server=/lxd/${lxd_ipv4_addr}
bind-interfaces
except-interface=${lxd_bridge}
" > /etc/dnsmasq.d/lxd
systemctl restart dnsmasq.service
After that I can do things like:
ubuntu@ubuntu-xenial:~$ lxc launch images:alpine/3.6 ca
Creating ca
Starting ca
ubuntu@ubuntu-xenial:~$ lxc launch images:alpine/3.6 cb
Creating cb
Starting cb
ubuntu@ubuntu-xenial:~$ lxc launch images:alpine/3.6 cc
Creating cc
Starting cc
ubuntu@ubuntu-xenial:~$ ping ca.lxd
PING ca.lxd (10.144.195.84) 56(84) bytes of data.
64 bytes from 10.144.195.84: icmp_seq=1 ttl=64 time=0.071 ms