This was definitely needed! Thanks.
It’s now possible to use CNI (container networking interface) with lxc. Here is an example. This requires some recent upstream patches, so for simplicity let’s use the lxc packages for zesty in ppa:serge-hallyn/atom. Setup a zesty host with that ppa, i.e.
sudo add-apt-repository ppa:serge-hallyn/atom sudo add-apt-repository ppa:projectatomic/ppa sudo apt update sudo apt -y install lxc1 skopeo skopeo-containers jq
(To run the oci template below, you’ll also need to install git://github.com/openSUSE/umoci. Alternatively, you can use any standard container, the oci template is not strictly needed, just a nice point to make)
Next setup CNI configuration, i.e.
cat >> EOF | sudo tee /etc/lxc/simplebridge.cni
{
"cniVersion": "0.3.1",
"name": "simplenet",
"type": "bridge",
"bridge": "cnibr0",
"isDefaultGateway": true,
"forceAddress": false,
"ipMasq": true,
"hairpinMode": true,
"ipam": {
"type": "host-local",
"subnet": "10.10.0.0/16"
}
}
EOF
The way lxc will use CNI is to call out to it using a start-host hook, that is, a program (hook) which…
View original post 137 more words
brauner's blog 