Lxc

LXC 容器,無 LAN - 網際網路訪問

  • August 18, 2017

我正在 openSuSE 42.1 主機上設置 LXC 容器。

主機具有完全的 Internet 訪問權限,但容器沒有。容器可以 ping 主機,但在 LAN 或 Internet 上什麼也不能。

我認為問題可能是如何在主機上配置網橋,但我不知道如何解決這個問題。

主機有 eth0 和 br0。br0 已分配靜態 IP 地址等。

在 YAST 中,預設 IPv4 網關為 192.168.2.1,設備為 br0

這是主機的網路詳細資訊

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway.localdo 0.0.0.0         UG    0      0        0 br0
192.168.2.0    *               255.255.255.0   U     0      0        0 br0

netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.2.1    0.0.0.0         UG        0 0          0 br0
192.168.2.0    0.0.0.0         255.255.255.0   U         0 0          0 br0

ifconfig -a
br0       Link encap:Ethernet  HWaddr 08:00:27:E5:C3:27  
         inet addr:192.168.2.197  Bcast:192.168.2.255  Mask:255.255.255.0
         inet6 addr: fe80::a00:27ff:fee5:c327/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:266675 errors:0 dropped:0 overruns:0 frame:0
         TX packets:60989 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0 
         RX bytes:1391858642 (1327.3 Mb)  TX bytes:4049229 (3.8 Mb)

eth0      Link encap:Ethernet  HWaddr 08:00:27:E5:C3:27  
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:1259099 errors:0 dropped:5 overruns:0 frame:0
         TX packets:220712 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000 
         RX bytes:1449135910 (1382.0 Mb)  TX bytes:51279387 (48.9 Mb)

lo        Link encap:Local Loopback  
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:65536  Metric:1
         RX packets:11033 errors:0 dropped:0 overruns:0 frame:0
         TX packets:11033 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0 
         RX bytes:968389 (945.6 Kb)  TX bytes:968389 (945.6 Kb)

vethYW604 Link encap:Ethernet  HWaddr FE:A8:5F:48:80:7E  
         inet6 addr: fe80::fca8:5fff:fe48:807e/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:251 errors:0 dropped:0 overruns:0 frame:0
         TX packets:120979 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000 
         RX bytes:75398 (73.6 Kb)  TX bytes:71086180 (67.7 Mb)

gateway.localdomain 解析為 192.168.2.1

容器配置文件是:

lxc.network.type = empty
lxc.rootfs = /var/lib/lxc/TestLXC/rootfs
lxc.include = /usr/share/lxc/config/opensuse.common.conf
lxc.arch = x86_64
lxc.utsname = TestLXC
lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed

lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0

lxc.network.hwaddr = 08:00:27:e5:c3:29
lxc.aa_allow_incomplete = 1

lxc.network.ipv4 = 192.168.2.221/24
lxc.network.ipv4.gateway = 192.168.2.197

它的網路詳細資訊是:

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.2.197  0.0.0.0         UG    0      0        0 eth0
192.168.2.0    *               255.255.255.0   U     0      0        0 eth0

netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.2.197  0.0.0.0         UG        0 0          0 eth0
192.168.2.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0

ifconfig -a
eth0      Link encap:Ethernet  HWaddr 08:00:27:E5:C3:29  
         inet addr:192.168.2.221  Bcast:192.168.2.255  Mask:255.255.255.0
         inet6 addr: fe80::a00:27ff:fee5:c329/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:133802 errors:0 dropped:0 overruns:0 frame:0
         TX packets:280 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000 
         RX bytes:78627055 (74.9 Mb)  TX bytes:82972 (81.0 Kb)

lo        Link encap:Local Loopback  
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:65536  Metric:1
         RX packets:26 errors:0 dropped:0 overruns:0 frame:0
         TX packets:26 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0 
         RX bytes:2152 (2.1 Kb)  TX bytes:2152 (2.1 Kb)

誰能告訴我如何讓我的 LXC 容器擁有完整的網路和 Internet 訪問權限。

謝謝

您配置了網橋,這意味著主機和容器在同一個子網上。因此容器應該使用與主機相同的網關,但您確實將主機的 IP 設置為預設網關。將其設置為 192.168.2.1

引用自:https://serverfault.com/questions/869290

相關問答

Port-Forwarding

lxd 容器:像 docker 一樣的埠轉發

  • January 13, 2022
檢視問答
Docker

LXC 中的 Docker 啟動容器程序導致“應用上限:不允許操作”

  • October 14, 2021
檢視問答
Virtualization

LXD 容器 IPv4 介面管理

  • April 5, 2021
檢視問答
Linux

我們什麼時候應該在 Linux 上使用容器化應用程序

  • February 25, 2020
檢視問答
Virtualization

容器和虛擬機有什麼區別?

  • February 4, 2020
檢視問答
Lxc

LXD 的成本

  • July 4, 2019
檢視問答