Maybe a VPN container that peers with the other VPN containers and runs a
dynamic routing protocol? Then just setup a route on the lxd host to the
VPN guest. Make it config driven so you just push a new peer list to
update. Or not and just push the updated container?
On Sep 18, 2016 4:21 AM, "Tomasz Chmielewski" <man...@wpkg.org> wrote:
> It's easy to create a "LAN" for LXD containers on a single LXD server -
> just attach them to the same bridge, use the same subnet (i.e.
> 10.10.10.0/24) - done. Containers can communicate with each other using
> their private IP address.
> However, with more then one LXD server *not* in the same LAN (i.e. two LXD
> servers in different datacentres), the things get tricky.
> Is anyone using such setups, with multiple LXD servers and containers
> being able to communicate with each other?
> LXD1: IP 18.104.22.168, Europe LXD2: IP 22.214.171.124, Asia
> container1, 10.10.10.10 container4, 10.10.10.20
> container2, 10.10.10.11 container5, 10.10.10.21
> container3, 10.10.10.12 container6, 10.10.10.22
> LXD3: IP 126.96.36.199, US
> container7, 10.10.10.30
> container8, 10.10.10.31
> container8, 10.10.10.32
> While I can imagine setting up many OpenVPN tunnels between all LXD
> servers (LXD1-LXD2, LXD1-LXD3, LXD2-LXD3) and constantly adjusting the
> routes as containers are stopped/started/migrated, it's a bit of a
> management nightmare. And even more so if the number of LXD servers grows.
> Hints, discussion?
> Tomasz Chmielewski
> lxc-users mailing list
lxc-users mailing list