Ben's notes

Linux, Unix, network, radio...


Netplan, LXD and MACVLAN over VLAN

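Netplan does not (currently) support MACVLAN interfaces, so here I use a networkd-dispatcher post-up hook script to create a MACVLAN interface on the host. The host needs its own MACVLAN interface because containers attached through MACVLAN cannot reach the host through the parent interface itself.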

  • Netplan config.
    # cat /etc/netplan/netplan.yaml
    network:
      version: 2
      ethernets:
        enp1s0:
          dhcp4: false
          dhcp6: false
          accept-ra: false
        lan:
          dhcp4: false
          dhcp6: false
          addresses: [192.0.2.0/24]
          gateway4: 192.0.2.1
          nameservers:
            search: [lan]
            addresses: [192.0.2.53]
      vlans:
        untrust:
          id: 510
          link: enp1s0
          dhcp4: false
          dhcp6: false
          accept-ra: false
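  • networkd-dispatcher post-up hook script (must be executable and owned by root).
    # cat /etc/networkd-dispatcher/degraded.d/10-macvlan-enp1s0
    #!/bin/bash
    # Run by networkd-dispatcher when an interface reaches the "degraded" state;
    # IFACE is set to the name of that interface.
    
    MYNIC="enp1s0"
    
    # Create the host-side MACVLAN "lan" on the parent NIC, unless it already exists
    # (the hook can fire more than once for the same interface).
    if [[ "${IFACE}" == "${MYNIC}" ]] && ! ip link show lan &>/dev/null; then
      ip link add lan link "${IFACE}" type macvlan mode bridge
    fi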
  • Enable networkd-dispatcher.
    systemctl enable --now networkd-dispatcher.service
  • LXD starts containers using a MACVLAN interface.
    # lxc profile show default
    config: {}
    description: Default LXD profile
    devices:
      eth0:
        name: eth0
        nictype: macvlan
        parent: enp1s0
        type: nic
      root:
        path: /
        pool: SSD
        type: disk
    name: default
    used_by:
    
    # lxc profile show untrust_vlan
    config: {}
    description: ""
    devices:
      eth0:
        nictype: macvlan
        parent: untrust
        type: nic
    name: untrust_vlan
    used_by:
  • Apply config.
    netplan apply
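
To confirm the result after `netplan apply`, the following added example (not part of the original notes) checks `ip -d -o link show` output for the `lan` MACVLAN in bridge mode on `enp1s0` and for the `untrust` VLAN with id 510. The function names and the sample listing are constructed for illustration, and the third check assumes the host itself should have no MACVLAN on `untrust`.

```shell
#!/bin/bash
# Added example: check the link layout from `ip -d -o link show` text.
# Live use:  ip -d -o link show | check_layout

# Constructed, abbreviated sample of `ip -d -o link show` output (not from a real host).
SAMPLE_OK='2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP mode DEFAULT
3: untrust@enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP mode DEFAULT \    vlan protocol 802.1Q id 510 <REORDER_HDR>
4: lan@enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP mode DEFAULT \    macvlan mode bridge'

# link_has NAME PARENT PATTERN TEXT: true if the record for NAME@PARENT matches PATTERN.
link_has() {
  printf '%s\n' "$4" | grep -E "^[0-9]+: ${1}@${2}: " | grep -qE "$3"
}

# check_layout: reads the listing on stdin, prints findings, returns the number of failures.
check_layout() {
  local text failures=0
  text="$(cat)"
  if ! link_has lan enp1s0 'macvlan mode bridge' "$text"; then
    echo "FAIL: lan is not a bridge-mode macvlan on enp1s0"
    failures=$((failures + 1))
  fi
  if ! link_has untrust enp1s0 'vlan protocol 802\.1Q id 510 ' "$text"; then
    echo "FAIL: untrust is not VLAN 510 on enp1s0"
    failures=$((failures + 1))
  fi
  # Assumption: the host itself should have no macvlan on the untrust VLAN
  # (container NICs live in the containers' namespaces and are not listed here).
  if link_has '[^@ ]+' untrust 'macvlan' "$text"; then
    echo "FAIL: host namespace has a macvlan on untrust"
    failures=$((failures + 1))
  fi
  return "$failures"
}

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE_OK" | check_layout && echo "layout OK"
```
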
lxd_vlan_macvlan.txt · Last modified: 2021/10/17 10:07 by admin