LXC IP Deconfliction
LXC IP Deconfliction
You may have a scenario where the IP of your LXC VM conflicts with a openvpn connection such as a 10. (Class A setup). Because LXC uses 10. by default as well we want to move the plumbing. Here is one way that worked.
lxc network list
After that you can edit it with:
lxc network edit lxcnet
And set it up as:
There are a lot of moving parts here that can make things break:
- If you notice the - /1.0/profiles/default it is the 'stamp' profile that will assign to created VM's
When we inspect that profile we can see it's back connection to the lxcnet:
lxc profile default edit
parent:lxcnet
Now our VM 'bb' is left in dhcp mode, and it works.
But it didn't. If you pay close attention the VM is sitting inside the 3. domain and it's bridge is sitting inside the 4. domain. But it can ping all the way to the 192.168.2 network across this mix of domains.
Fix This!
Inside /etc/default/lxc-net we will also have some default settings:
Now when we start the VM we have corrected settings:
Still questions remain...
lxcbr0 seems to be doing the heavy lifting and the nat - yet at the same time lxcnet is showing it is being used.
Did we find the culprit?
Maybe it seems to be residing in the default profile:
Fixed it!
This actually worked.
Delete lxcnet, and change profile to have it use lxcbr0
It still served an IP to the VM cleanly was able to ping out and deleted an extraneous bridge.
However another 'gotcha' pops up, because lxcbr0 is no longer managed you can no longer edit it.
The answer was finally revealed -lxc network create makes it managed by default
lxc network create bob
and
lxc network edit bob