讓已經設定好的 LXD 使用 bridge 與外界通訊
有的時候,在 development 環境,我們會想要可以設定各個 lxd 可以有不一樣的 profile,適用不同的項目。而今天要講的,就是這個 profile 功能。
bridge 裝置設定
首先,請先設定一個 bridge,因為很常見,這裡就不細講
$ ip a
...略...
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
link/ether a8:5e:45:a7:e8:f7 brd ff:ff:ff:ff:ff:ff
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether a8:5e:45:a7:e8:f7 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.30/24 brd 192.168.1.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::aa5e:45ff:fea7:e8f7/64 scope link
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:02:c1:7e brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
...略...
總之,如果你使用的是 Ubuntu 18.04 之後的版本,又不需要用 wifi 的話,可以直接使用內建的 netplan 取代 NetworkManager
舉例來說,我的設定檔如下(/etc/netplan/01-bridge-all.yaml):
network:
version: 2
renderer: networkd
ethernets:
enp5s0:
dhcp4: no
bridges:
br0:
interfaces: [enp5s0]
addresses: [192.168.1.XXX/24]
gateway4: 192.168.1.1
nameservers:
addresses: [1.1.1.1, 1.0.0.1]
新增 profile
複製原本的 profile(本例為default),命名為 bridge0
lxc profile copy default bridge0
新的 profile:
$ lxc profile list
+---------+---------+
| NAME | USED BY |
+---------+---------+
| bridge0 | 0 |
+---------+---------+
| default | 0 |
+---------+---------+
使用以下指令編輯 bridge0 設定檔
lxc profile edit bridge0
把 eth0 的設定改成下面的樣子:
config: {}
description: br0 bridged profile
devices:
eth0:
name: eth0
nictype: bridged
parent: br0
type: nic
root:
path: /
pool: lxd_pool
type: disk
name: bridge0
used_by: []
請注意:parent 的部份請設定成自己的 bridge 裝置名稱
測試
隨手建立一個 container(本例為 bionic):
lxc launch ubuntu:18.04 bionic
很明顯使用的是預設的 lxdbr0:
$ lxc list
+--------+---------+---------------------+----------------------------------------------+-----------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+--------+---------+---------------------+----------------------------------------------+-----------+-----------+
| bionic | RUNNING | 10.113.67.63 (eth0) | fd42:fba3:614f:486:216:3eff:fe7d:7bed (eth0) | CONTAINER | 0 |
+--------+---------+---------------------+----------------------------------------------+-----------+-----------+
$ lxc info bionic
Name: bionic
Location: none
Remote: unix://
Architecture: x86_64
Created: 2020/04/20 15:32 UTC
Status: Running
Type: container
Profiles: default
Pid: 39836
Ips:
eth0: inet 10.113.67.63 vethcbc5c26a
eth0: inet6 fd42:fba3:614f:486:216:3eff:fe7d:7bed vethcbc5c26a
eth0: inet6 fe80::216:3eff:fe7d:7bed vethcbc5c26a
lo: inet 127.0.0.1
lo: inet6 ::1
...略
接下來我們要 "指派" bionic 去使用剛才的 profile:
# 先關閉
lxc stop bionic
# 指派
lxc profile assign bionic bridge0
# 開啟
lxc start bionic
成功!!
$ lxc list
+--------+---------+---------------------+------+-----------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+--------+---------+---------------------+------+-----------+-----------+
| bionic | RUNNING | 192.168.1.63 (eth0) | | CONTAINER | 0 |
+--------+---------+---------------------+------+-----------+-----------+
$ lxc info bionic
Name: bionic
Location: none
Remote: unix://
Architecture: x86_64
Created: 2020/04/20 15:32 UTC
Status: Running
Type: container
Profiles: bridge0
Pid: 45446
Ips:
eth0: inet 192.168.1.63 vethff411272
eth0: inet6 fe80::216:3eff:fe7d:7bed vethff411272
lo: inet 127.0.0.1
lo: inet6 ::1
...略
參考資料
- Network configuration – LXD – system container manager
- 底下有一段 "Additionally, LXD can utilize a pre-existing Linux bridge."