3
I am trying to set up LXC containers on top of Amazon. I am very new to Amazon, and to VPC especially. In fact, I created a VPC for the first time to experiment with LXC.
My Goal: My goal is to have LXC containers on Amazon instances and have them in a bridge-type network. That means I should be able to assign either public IPs or private IPs reachable by other Amazon instances/LXC containers, just as in a physical LAN. For this I have been trying virsh (libvirt) with bridge networking. With this I was never able to achieve what I wanted.
What I have done: I have created a VPC with a single subnet (public) and launched a Debian instance in it. I installed LXC and could successfully achieve NAT mode and route mode, but this gave me 192.168.122.0 (LXC's default) IP addresses. I was able to get internet in the containers with some iptables rules, though. After trying with libvirt, and manually by creating a bridge using bridge-utils, I had no luck in assigning an IP to the container. My assumption is that the container should get a DHCP lease from Amazon's DHCP service. Finally, I associated another Elastic IP with the Debian instance and memorized its NATed private IP. After that I created a simple bridge and added eth0 to the bridge on the host. Then I created a simple host-bridge network using libvirt, and in the LXC config I hardcoded the NATed IP I memorized. Then I started the LXC container. The container could get the NATed IP on it, and I could ssh to it from the host. But I am not getting internet in that container.
/etc/network/interfaces (host)
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

auto br0
iface br0 inet dhcp
    bridge_ports eth0
    bridge_fd 0
    bridge_maxwait 0
virsh net-dumpxml host-bridge
<network>
<name>host-bridge</name>
<uuid>7c41e4ce-311c-c78f-5ea3-a03a224e4a3c</uuid>
<forward mode='bridge'/>
<bridge name='br0' />
</network>
lxc config file
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
#lxc.network.name = eth0
# natted memorized ip
lxc.network.ipv4 = 10.0.0.207/24
container's interfaces file
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.0.0.207
    netmask 255.255.255.0
    gateway 10.0.0.1
My questions:
- What VPC should I choose for this scenario?
- What network mode makes my job easier?
- At the least, with what I have achieved, how can I get internet to the container?
- Without an Elastic IP, can't I have a private IP in the same subnet which is reachable by other instances and containers?
1
According to this https://aws.amazon.com/about-aws/whats-new/2012/07/06/multiple-ip-addresses-for-amazon-ec2-instances-in-amazon-vpc/ AWS now supports up to 240 IPs on their larger instances.
– Rich Remer – 2018-03-20T18:05:36.520