lxc 容器与虚拟主机之间的桥接

tag-icon tag-icon networking bridge lxc
lxc 容器与虚拟主机之间的桥接

我对 Linux 和网络通信还比较陌生,并且一直在努力解决以下问题:我在虚拟机主机中有一个 lxc 容器,并且主机通过接口 ens5 连接到 usrp 设备。我正在尝试在 lxc 和虚拟主机之间建立桥接连接,以便 lxc 也可以访问 usrp。以下是网络的具体细节:

  • 主机可以 ping 通 usrp 和 lxc。
  • 由于 ping google.com 失败,lxc 似乎无法访问互联网。

我已将主机和 lxc 的 ifconfig 输出附加在下面:

主持人:

br0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet6 fe80::8cec:6bff:feb6:f091  prefixlen 64  scopeid 0x20<link>
        ether 00:00:00:00:00:00  txqueuelen 1000  (Ethernet)
        RX packets 71  bytes 3266 (3.2 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 347  bytes 112162 (112.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 8950
        inet 192.168.0.106  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::f816:3eff:fe06:31f1  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:06:31:f1  txqueuelen 1000  (Ethernet)
        RX packets 267747  bytes 4853956651 (4.8 GB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 181065  bytes 13938392 (13.9 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
ens5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9216
        inet 172.23.201.111  netmask 255.255.255.0  broadcast 172.23.201.255
        inet6 fe80::50a7:4fff:fe09:f13e  prefixlen 64  scopeid 0x20<link>
        ether 52:a7:4f:09:f1:3e  txqueuelen 1000  (Ethernet)
        RX packets 85266  bytes 5116074 (5.1 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 77853  bytes 4684890 (4.6 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 392  bytes 30396 (30.3 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 392  bytes 30396 (30.3 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

LXC容器:

eth0     Link encap:Ethernet  HWaddr 00:16:3e:d6:08:87            
inet addr:10.146.57.62  Bcast:10.146.57.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fed6:887/64 Scope:Link
          inet6 addr: fd42:e7bb:bece:2928:216:3eff:fed6:887/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:9216  Metric:1
          RX packets:948 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1337 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:127890 (127.8 KB)  TX bytes:124727 (124.7 KB)
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:41 errors:0 dropped:0 overruns:0 frame:0
          TX packets:41 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3148 (3.1 KB)  TX bytes:3148 (3.1 KB)

答案1

使用 LXC 2.0,您可以尝试使用 macvlan nic 类型。为此,请编辑您用于启动容器的配置文件。假设您要编辑默认配置文件,然后执行

lxc profile edit default

在设备部分下,添加另一个网卡,如下所示:

devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: lxcbr0
    type: nic
  usrp0:
    name: usrp0
    nictype: macvlan
    parent: ens5
    type: nic

然后,在新的容器启动后,为新的网卡添加一个ip地址:

ip address add 172.23.201.78/24 dev usrp0

您现在应该能够从容器 ping usrps。

相关内容