=====Netplan, LXD and MACVLAN over VLAN=====

Netplan (currently) does not support MACVLAN interfaces. So here I use a post-up hook script to create a MACVLAN interface for the host in order to communicate with containers.

  * Netplan config.<code>
# cat /etc/netplan/netplan.yaml
network:
  version: 2
  ethernets:
    enp1s0:
      dhcp4: false
      dhcp6: false
      accept-ra: false
    lan:
      dhcp4: false
      dhcp6: false
      addresses: [192.0.2.0/24]
      gateway4: 192.0.2.1
      nameservers:
        search: [lan]
        addresses: [192.0.2.53]
  vlans:
    untrust:
      id: 510
      link: enp1s0
      dhcp4: false
      dhcp6: false
      accept-ra: false
</code>
  * Networkd post-up hook scripts.<code>
# cat /etc/networkd-dispatcher/degraded.d/10-macvlan-enp1s0
#!/bin/bash

MYNIC="enp1s0"

if [[ "${IFACE}" == "${MYNIC}" ]]; then
  ip link add lan link "${IFACE}" type macvlan mode bridge
fi
</code>
  * Enable networkd-dispatcher.<code>
systemctl enable --now networkd-dispatcher.service
</code>
  * LXD starts containers using a MACVLAN interface.<code>
# lxc profile show default
config: {}
description: Default LXD profile
devices:
  eth0:
    name: eth0
    nictype: macvlan
    parent: enp1s0
    type: nic
  root:
    path: /
    pool: SSD
    type: disk
name: default
used_by:

# lxc profile show untrust_vlan
config: {}
description: ""
devices:
  eth0:
    nictype: macvlan
    parent: untrust
    type: nic
name: untrust_vlan
used_by:
</code>
  * Apply config.<code>
netplan apply
</code>



{{tag>[netplan lxd macvlan]}}