Overlay network for Juju LXC containers?

Tue Feb 2 12:05:56 UTC 2016

Thank you very much for this!

This confirmed my suspicion; the only way I got it to work on a manual
provider was to change the lxcbr0 interface so it connects to an internal
network with a dhcp server. I didn't look to deeply into the code so I
wasn't sure if there wasn't a better way...

2016-02-02 12:53 GMT+01:00 James Tunnicliffe <
james.tunnicliffe at canonical.com>:

> Andrew and I took a look at this yesterday.
>
> Digital Ocean don't support DHCP for private addresses, which is
> unfortunate because if they did this would just work with Juju 2.0 and
> with a feature flag for Juju 1.5. For this reason we need our own
> overlay network. Unfortunately we have been overly prescriptive with
> out network configuration so we always expect to use lxcbr0 for
> container connectivity instead of using the defaults in
> /etc/default/lxc-net. If we weren't we could set up the fan quite
> easily on each DO Droplet and then use the manual provisioner to
> enlist each Droplet into Juju's control.
>
> I have got a bug open to track this issue:
> https://bugs.launchpad.net/bugs/1540832
>
> James
>
> On Mon, Feb 1, 2016 at 2:26 PM, Andrew McDermott
> <andrew.mcdermott at canonical.com> wrote:
> > Merlijn & Patrik:
> >
> > Adding +James Tunnicliffe as he will be looking into your questions today
> > (and this week).
> >
> > On 29 January 2016 at 13:18, Andrew McDermott
> > <andrew.mcdermott at canonical.com> wrote:
> >>
> >> I will look into this this afternoon for you.
> >>
> >> On 29 January 2016 at 13:16, Rick Harding <rick.harding at canonical.com>
> >> wrote:
> >>>
> >>> Sorry dimiter, I know Andrew is out. Can you investigat please?
> >>>
> >>>
> >>> On Fri, Jan 29, 2016, 8:13 AM Merlijn Sebrechts
> >>> <merlijn.sebrechts at gmail.com> wrote:
> >>>>
> >>>> Any follow up to this? I'm also interested in using fan with lxc and
> >>>> Juju.
> >>>>
> >>>> 2016-01-07 19:19 GMT+01:00 Andrew McDermott
> >>>> <andrew.mcdermott at canonical.com>:
> >>>>>
> >>>>> Hi Patrik,
> >>>>>
> >>>>> I will look into this tomorrow. Apologies for the delay.
> >>>>>
> >>>>> On 7 January 2016 at 14:39, Patrik Karisch <patrik.karisch at gmail.com
> >
> >>>>> wrote:
> >>>>>>
> >>>>>> Hi Andrew,
> >>>>>>
> >>>>>> Thanks for the answer.
> >>>>>>
> >>>>>> According to AWS, all the instances must be created inside a VPC to
> >>>>>> bind the lxcbr0 to the AWS network and get an IP allocated?
> >>>>>>
> >>>>>> Since Digital Ocean provider is a simple plugin and basically based
> on
> >>>>>> manual provsioning the best solution would be to activate Fan
> networking on
> >>>>>> my machines manually? Are there any docs how I can point Juju to
> get a Fan
> >>>>>> IP address for the containers? Mark Shuttleworths blog post says
> it's super
> >>>>>> easy for LXD, Docker and Juju but shows only a Docker cli example.
> >>>>>>
> >>>>>> Best regards
> >>>>>> Patrik
> >>>>>>
> >>>>>> Andrew McDermott <andrew.mcdermott at canonical.com> schrieb am Do.,
> 7.
> >>>>>> Jan. 2016 um 14:14 Uhr:
> >>>>>>>
> >>>>>>> Hi Patrik,
> >>>>>>>
> >>>>>>> There is no current solution for Digital Ocean.
> >>>>>>>
> >>>>>>> On AWS a container gets an IP address on the lxcbr0 network. We
> then
> >>>>>>> add iptable rules that make the container visible on the hosts
> network - the
> >>>>>>> host can see the container, the container can see the host.
> >>>>>>>
> >>>>>>> On MAAS (for 16.04) we create a bridge per NIC and the container,
> >>>>>>> depending on how many interfaces are configured, will get an
> address on each
> >>>>>>> subnet. Please note that all of this is currently work in progress
> and is
> >>>>>>> only available on a feature branch (maas-spaces).
> >>>>>>>
> >>>>>>> AWS and MAAS do not use the fan.
> >>>>>>>
> >>>>>>> We are currently working on Juju's network model to make it easier
> to
> >>>>>>> do what you are asking for. My colleague Dimiter Naydenov has been
> blogging
> >>>>>>> about this recently:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> https://insights.ubuntu.com/2015/11/08/deploying-openstack-on-maas-1-9-with-juju/
> >>>>>>>
> >>>>>>> So for DO we don't have any transparent Juju solution for you, but
> we
> >>>>>>> are actively developing the capabilities of Juju's networking
> model.
> >>>>>>>
> >>>>>>> HTH
> >>>>>>>
> >>>>>>> On 6 January 2016 at 17:29, Patrik Karisch <
> patrik.karisch at gmail.com>
> >>>>>>> wrote:
> >>>>>>>>
> >>>>>>>> Hi,
> >>>>>>>>
> >>>>>>>> I'm wondering what Juju does to make services deployed into LXC
> >>>>>>>> containers on different machines reachable within the whole
> environment?
> >>>>>>>> Does it use Fan or something?
> >>>>>>>>
> >>>>>>>> Currently I'm trying Juju on Digital Ocean, where a machine has
> only
> >>>>>>>> one private IP and can't get more. I don't have the budget to run
> every
> >>>>>>>> service in a new machine, so they must reside in containers on a
> limited
> >>>>>>>> bunch of machines.
> >>>>>>>>
> >>>>>>>> Best regards
> >>>>>>>> Patrik
> >>>>>>>>
> >>>>>>>> --
> >>>>>>>> Juju mailing list
> >>>>>>>> Juju at lists.ubuntu.com
> >>>>>>>> Modify settings or unsubscribe at:
> >>>>>>>> https://lists.ubuntu.com/mailman/listinfo/juju
> >>>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> --
> >>>>>>> Andrew McDermott <andrew.mcdermott at canonical.com>
> >>>>>>> Juju Core Sapphire team <http://juju.ubuntu.com>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> Andrew McDermott <andrew.mcdermott at canonical.com>
> >>>>> Juju Core Sapphire team <http://juju.ubuntu.com>
> >>>>>
> >>>>> --
> >>>>> Juju mailing list
> >>>>> Juju at lists.ubuntu.com
> >>>>> Modify settings or unsubscribe at:
> >>>>> https://lists.ubuntu.com/mailman/listinfo/juju
> >>>>>
> >>>>
> >>>> --
> >>>> Juju mailing list
> >>>> Juju at lists.ubuntu.com
> >>>> Modify settings or unsubscribe at:
> >>>> https://lists.ubuntu.com/mailman/listinfo/juju
> >>
> >>
> >>
> >>
> >> --
> >> Andrew McDermott <andrew.mcdermott at canonical.com>
> >> Juju Core Sapphire team <http://juju.ubuntu.com>
> >
> >
> >
> >
> > --
> > Andrew McDermott <andrew.mcdermott at canonical.com>
> > Juju Core Sapphire team <http://juju.ubuntu.com>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20160202/1c916753/attachment.html>