lxc-net 不喜欢桥接容器的静态 IP

tag-icon tag-icon linux networking bridge lxc containers
lxc-net 不喜欢桥接容器的静态 IP

我刚刚开始使用 LXC 容器,我发现即使我在 lxc 容器配置文件上设置了特定的 ip 地址,也lxc-ls --fancy总是显示另一个 ip,它是可 ping 的,并且/etc/network/interfaces设置不会覆盖lxc-net设置。

我正在使用lxc2.0.7。


容器配置:

lxc.network.type = veth
lxc.network.hwaddr = 00:1a:b2:ff:62:32
lxc.network.link = lxcbr0
lxc.network.ipv4 = 10.0.3.2/24
lxc.network.ipv4.gateway = 10.0.3.1
lxc.network.flags = up

lxc.rootfs = /var/lib/lxc/debcontainer/rootfs
lxc.rootfs.backend = dir

# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf

# Container specific configuration
lxc.tty = 4
lxc.utsname = debcontainer
lxc.arch = amd64


接口配置:

auto eth0

iface eth0 inet static
 address 10.0.3.3
 netmask 255.255.255.0
 gateway 10.0.3.1


主机接口:

eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
          ...

lo        Link encap:Local Loopback
          ...

lxcbr0    Link encap:Ethernet  HWaddr 00:16:3e:00:00:00  
          inet addr:10.0.3.1  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137 errors:0 dropped:0 overruns:0 frame:0
          TX packets:131 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:16641 (16.2 KiB)  TX bytes:14826 (14.4 KiB)

vethE2RLT9 Link encap:Ethernet  HWaddr fe:66:28:6b:1a:f1  
          inet6 addr: fe80::fc66:28ff:fe6b:1af1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137 errors:0 dropped:0 overruns:0 frame:0
          TX packets:161 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:18559 (18.1 KiB)  TX bytes:19428 (18.9 KiB)


容器配置:

eth0      Link encap:Ethernet  HWaddr 00:1a:b2:ff:62:32  
          inet addr:10.0.3.2  Bcast:255.255.255.255  Mask:255.255.255.255
          inet6 addr: fe80::216:abff:fec4:63ff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:170 errors:0 dropped:0 overruns:0 frame:0
          TX packets:147 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:20061 (19.5 KiB)  TX bytes:20259 (19.7 KiB)

lo        Link encap:Local Loopback
          ...


lxc-fs输出:

user@debian-8-test:~$ sudo lxc-ls --fancy
NAME         STATE   AUTOSTART GROUPS IPV4                 IPV6 
debcontainer RUNNING 0         -      10.0.3.2, 10.0.3.211 -

答案1

解决方案

编辑 /etc/default/lxc-net 并注释或删除 LXC 桥名称(如果指定)和 dhcp 选项:

USE_LXC_BRIDGE="true"
#LXC_BRIDGE="lxcbr0"
LXC_ADDR="10.0.3.1"
LXC_NETMASK="255.255.255.0"
LXC_NETWORK="10.0.3.0/24"
#LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
#LXC_DHCP_MAX="253"
#LXC_DHCP_CONFILE=""
LXC_DOMAIN=""


编辑/etc/network/interfaces并设置静态配置:

auto eth0
iface eth0 inet static
    address 10.0.3.3
    gateway 10.0.3.1
    netmask 255.255.255.0



或者

设置网络配置<container>/config

lxc.network.type = veth
lxc.network.hwaddr = 00:1a:b2:ff:62:32
lxc.network.link = lxcbr0
lxc.network.ipv4 = 10.0.3.2/24
lxc.network.ipv4.gateway = 10.0.3.1
lxc.network.flags = up


并设置手动接口配置/etc/network/interfaces

auto eth0
iface eth0 inet manual

答案2

可能dnsmasq正在进行“动态” IP 分配,您将在其中保留某些 IP /etc/lxc/dnsmasq.conf,例如:

dhcp-host=web,10.0.3.2

更改主机映射后,您需要重新加载dnsmasq

kill -HUP $(cat /var/run/lxc/dnsmasq.pid)

dnsmasq取决于lxc-net服务,您应该能够在服务状态中看到配置:

systemctl status lxc-net

相关内容