Finally put LXC network to pass, do not know right, remember
It's all the same place at first.
Yum Install Libcgroup LXC lxc-templates
Installing LXC Cgroup
Then remember
Chkconfig--level 345 libcgroup on Cgroup always start
Add a bridge
Ifcfg-eth0 changed to the following
Device= "Eth0"
onboot= "Yes"
Type=ethernet
Ipv6init=no
Userctl=no
Bridge=virbr0
Create a new ifcfg-virbr0 with the following content
Device=virbr0
Type=bridge
Bootproto=static
dns1=192.168.8.254
gateway=192.168.8.254
ipaddr=192.168.8.50
netmask=255.255.255.0
Onboot=yes
Restart the bridge and it will be created.
And then
Lxc-create-n testcentos-t CentOS
Create a container with CentOS as a template
And then
Vi/var/lib/lxc/testcentos/config
Lxc.network.type = Veth
Lxc.network.flags = up
Lxc.network.link = Virbr0
LXC.NETWORK.HWADDR = Fe:7c:d6:5a:ed:10
Lxc.network.ipv4 = 192.168.8.55/24
Lxc.network.ipv4.gateway = 192.168.8.50
Lxc.network.name = eth0
Lxc.rootfs =/var/lib/lxc/testcentos/rootfs
When it's finished.
Cat/var/lib/lxc/testcentos/tmp_root_pass
Take a look at the root password
And then
Lxc-start-n testcentos-d
Start the container, and
Lxc-console-n Testcentos
Landing container
After logging in, the problem comes, what about the network? I've been doing this for a long
Sysctl net.ipv4.ip_forward=1
Turn forwarding on
Then iptables set a rule
Iptables-t nat-a postrouting-o eth0-s 192.168.8.55-j Masquerade
There was a problem with the rule, a bit of a problem at the beginning, and later changed to
Iptables-t nat-a postrouting-o virbr0-s 192.168.8.55-j Masquerade
There's no problem, it's weird. Don't understand why. But it's just a guarantee of access to the lab's external network, and the lab's internal network is still out of the way.
Finally ping the lab internal address in the container, and then dump the ICMP packet on the VIRBR0
Tcpdump-n-I virbr0 ICMP
Found no packet passed, and then found a problem with the routing in the container.
destination gateway Genmask flags Metric ref use Iface
192.168.8.0 * 255.255.255.0 uh 0 0 0 eth0
Link-local * 255.255.0.0 u 1002 0 0 eth0
default 192.168.8.50 0.0.0.0 ug 0 0 0 eth0
means that the IP of all 192.168.8.0 network segments does not need to be forwarded directly to be accessed. This is wrong, and finally in
Vi/var/lib/lxc/testcentos/config
Change the IP of the container to Lxc.network.ipv4 = 192.168.8.55/32
And get rid of the/etc/sysconfig/network-scripts/ifcfg-eth0 inside the container netmask
Finally, we have access to it.
A few questions, why I do not see a similar approach on all documents, everyone is redirected directly to Eth0 finished?
In addition, the IP settings inside the container are not the same as others. Maybe everyone else is adding a subnet?
In any case, this container can be used, given his excellent computational performance
LXC on CentOS