First, I’ll start by saying I have read the entire threads for both “Wireguard on LXD” and “3.0.1 wireguard iface in unprivileged container?”.
I’m running lxc inside an Ubuntu 18.04 server with both a macvlan and a standard bridge network profile. I’m trying to set up wireguard using the macvlan so that I have direct access control to it at the router. The container config is as follows.
architecture: x86_64
config:
  image.architecture: amd64
  image.description: ubuntu 18.04 LTS amd64 (release) (20190320)
  image.label: release
  image.os: ubuntu
  image.release: bionic
  image.serial: "20190320"
  image.version: "18.04"
  linux.kernel_modules: wireguard
  security.privileged: "true"
  volatile.base_image: 6700bee14eb3034ba4bd0c3d0165f938faa161d2690e919465aab2946490689b
  volatile.eth0.hwaddr: 00:16:3e:6f:7e:01
  volatile.idmap.base: "0"
  volatile.idmap.next: '[]'
  volatile.last_state.idmap: '[]'
  volatile.last_state.power: RUNNING
devices: {}
ephemeral: false
profiles:
- default
stateful: false
description: ""
I have wireguard installed within the host and wireguard-tools installed in the container, but I still get the dreaded “RTNETLINK answers: Operation not supported” error whenever I try to create a wireguard interface inside the container.
I’m bringing up the macvlan specifically because, so far as I can tell, it’s the only thing not mentioned in the previous threads. For reference, the profile config is as follows:
config: {}
description: Default LXD profile
devices:
  eth0:
    name: eth0
    nictype: macvlan
    parent: eno1
    type: nic
  root:
    path: /
    pool: lxd
    type: disk
name: default
used_by:
- /1.0/containers/dns
- /1.0/containers/wireguard
Edit: I almost forgot the actual question… Am I missing something or is this a wireguard rather than lxc issue?