It is not coming up because you do not have startup script for the interface. Perhaps you have it, but you need to modify it to fit your setup. Check https://github.com/openvswitch/ovs/blob/master/debian/ifupdown.sh and https://github.com/openvswitch/ovs/blob/master/rhel/etc_sysconfig_network-scripts_ifdown-ovs for examples.
Regards, Paul Get Outlook for iOS<https://aka.ms/o0ukef> ________________________________ From: den...@exemail.com.au <den...@exemail.com.au> Sent: Monday, May 14, 2018 6:55:22 AM To: Paul Greenberg Cc: Orabuntu-LXC; ovs-discuss@openvswitch.org Subject: Re: [ovs-discuss] Openvswitch and LXC integration on Ubuntu 18.04 Paul Thanks for that command. I tried it and found that my br-int was not up . After "sudo ip link set br-int up" and "sudo ip addr add 192.168.1.1/24 dev br-int" it worked and I could ping as expected. For Ubuntu 18.04 I have added the following to /etc/network/interfaces allow-ovs br-int iface br-int inet static address 192.168.1.1 netmask 255.255.255.0 ovs_type OVSBridge But on reboot br-int is not coming up correctly after reboot. 5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether c6:8e:e2:7b:0f:4f brd ff:ff:ff:ff:ff:ff Is this the correct way to define a Openvswitch bridge with IP on Ubuntu? Thanks Densha It looks> Before you rebuild, I suggest you ping at the interval of 0.01, then, take > "ovs-ofctl dump-flows br-int" and save it to a file. The relevant columns > are table and n_packets. Wait a couple of seconds, then take the dump > again. Compare and find the entries that increment at the rate of your > ping. > > If you don't see the hits in the tables - check iptables, kmod, etc. > > If you ser them, use trace to figure out why your traffic is being > dropped. > > Regards, > Paul > > > Get Outlook for iOS<https://aka.ms/o0ukef> > ________________________________ > From: ovs-discuss-boun...@openvswitch.org > <ovs-discuss-boun...@openvswitch.org> on behalf of den...@exemail.com.au > <den...@exemail.com.au> > Sent: Saturday, May 12, 2018 11:45:57 PM > To: Orabuntu-LXC > Cc: ovs-discuss@openvswitch.org > Subject: Re: [ovs-discuss] Openvswitch and LXC integration on Ubuntu 18.04 > > Thanks. I tried that and still unable to ping from the LXC container to > the IP address set on the bridge. > > I will rebuild everything from scratch and retry. > >> Check sysctl settings. Check/set these on the LXC host machine in the >> /etc/sysctl.conf (or in a new file in the /etc/sysctl.d directory, e.g >> you >> could call it /etc/sysctl.d/60-lxc.conf) : >> >> net.ipv4.conf.default.rp_filter=0 >> net.ipv4.conf.all.rp_filter=0 >> net.ipv4.ip_forward=1 >> >> Reference: >> https://thenewstack.io/solving-a-common-beginners-problem-when-pinging-from-an-openstack-instance/ >> >> >> >> On Sat, May 12, 2018 at 7:09 AM, <den...@exemail.com.au> wrote: >> >>> Thanks for the response and links. I will watch the OvS Con videos. >>> >>> I have now successfully started the container, but unable to ping out >>> or >>> into the container. >>> >>> I have modified my /var/lib/vm1/conf to be >>> >>> # Network configuration >>> lxc.net.0.type = veth >>> lxc.net.0.link = br-int <- Name of my internal container bridge >>> lxc.net.0.flags = up >>> lxc.net.0.name=eth0 >>> lxc.net.0.hwaddr = 00:16:3e:d2:23:a8 . <- This was in the conf when >>> created. >>> >>> >>> When I start the container - I can see the port be added to the bridge >>> on >>> the host system >>> >>> # sudo lxc-start -n vm1 >>> # sudo ovs-vsctl show >>> c3d9247e-68f1-4ae1-be0e-4bb86fd2c541 >>> Bridge br-dmz >>> Port br-dmz >>> Interface br-dmz >>> type: internal >>> Bridge br-int >>> Port "veth4U4B0B" <- New port added when >>> container starts >>> Interface "veth4U4B0B" >>> Port br-int >>> Interface br-int >>> type: internal >>> Port "enp2s0" >>> Interface "enp2s0" >>> ovs_version: "2.9.0" >>> >>> The bridge br-int has self IP 192.168.10.1/24 - that I added using >>> (after >>> reboot) >>> >>> # sudo ip addr del 192.168.0.1/24 dev br-int >>> >>> 5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group >>> default qlen 1000 >>> link/ether 00:01:80:82:f8:59 brd ff:ff:ff:ff:ff:ff >>> inet 192.168.10.1/24 scope global br-int >>> valid_lft forever preferred_lft forever >>> >>> and the new port >>> >>> 8: veth4U4B0B@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc >>> noqueue master ovs-system state UP group default qlen 1000 >>> link/ether fe:b8:87:1b:1e:5e brd ff:ff:ff:ff:ff:ff link-netnsid 0 >>> inet6 fe80::fcb8:87ff:fe1b:1e5e/64 scope link >>> valid_lft forever preferred_lft forever >>> >>> Inside the container I set the IP of eth0 device using >>> >>> ubuntu@vm1:~$ sudo ip addr add 192.168.10.2/24 dev eth0 >>> >>> ubuntu@vm1:~$ ip a >>> 7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue >>> state UP group default qlen 1000 >>> link/ether 00:16:3e:d2:23:a8 brd ff:ff:ff:ff:ff:ff link-netnsid 0 >>> inet 192.168.10.2/24 scope global eth0 >>> valid_lft forever preferred_lft forever >>> inet6 fe80::216:3eff:fed2:23a8/64 scope link >>> valid_lft forever preferred_lft forever >>> >>> However I still cannot ping the self IP of the bridge. >>> >>> Is there anything obvious that I have configured wrong? >>> >>> Thanks >>> >>> Densha >>> >>> >>> > These materials might help: >>> > >>> > 1. Presentation on running LXC on OpenvSwitch at OvS Con: >>> > >>> > https://www.youtube.com/watch?v=MXewSiDvQl4&t=221s (presentation I >>> gave >>> at >>> > OvS Con). >>> > >>> > I discuss in the preso that for LXC 2.1+, you now have the option to >>> > configure OpenvSwitch for LXC in two different ways. You can >>> configure >>> it >>> > using, as you mentioned, the scripts (and this was the way we had to >>> do >>> it >>> > in LXC 1.0.x and 2.0.x. This method has advantage that VLAN's can >>> also >>> > be >>> > configured pretty easily in these scripts too. >>> > >>> > lxc.net.0.script.up >>> > lxc.net.0.script.down >>> > >>> > Or, starting from 2.1.x you can also configure it directly in the LXC >>> > config using for example these parameters: >>> > >>> > lxc.net.0.type = veth >>> > lxc.net.0.link = ovsbr0 >>> > lxc.net.0.flags = up >>> > lxc.net.0.name = eth0 >>> > >>> > which is also discussed here: >>> > https://discuss.linuxcontainers.org/t/lxc-2-1-has-been-released/487 >>> > >>> > 2. Also, my Orabuntu-LXC software projects is specifically designed >>> for >>> > deploying an entire LXC VLAN-tagged infrastructure on OpenvSwitch >>> with >>> > just >>> > a single command: >>> > >>> > https://github.com/gstanden/orabuntu-lxc >>> > >>> > See if these references above help you set it up, and if not, let me >>> know. >>> > >>> > HTH, Gilbert >>> > >>> > >>> > >>> > On Sat, May 12, 2018 at 2:32 AM, <den...@exemail.com.au> wrote: >>> > >>> >> >>> >> I am attempting to use LXC containers with OpenVswitch on Ubuntu >>> 18.04 >>> >> LTS >>> >> server. However, I am unable to work out the syntax for the >>> container >>> >> settings. The container is failing to start due to unable to create >>> the >>> >> network. >>> >> >>> >> I did a vanilla install onto a media play with two NIC cards - >>> enp1s0 >>> >> and >>> >> enp2s0. >>> >> >>> >> I installed, created, tested and then destroyed a container using >>> lxc >>> to >>> >> confirm that lxc was functioning correctly on the server. >>> >> >>> >> #sudo apt-get install lxc lxc-templates wget bridge-utils >>> >> #sudo lxc-checkconfig >>> >> #sudo lxc-create -n vm1 -t ubuntu >>> >> #sudo lxc-start -n vm1 >>> >> #sudo lxc-console -n vm1 >>> >> #sudo lxc-stop -n vm1 >>> >> #sudo lxc-destroy -n vm1 >>> >> >>> >> I then removed lxc bridge - lxcbr0 by setting USE_LXC_BRIDGE to >>> false >>> in >>> >> /etc/default/lxc-net and removed lxcbr0 device and rebooted. >>> >> >>> >> # sudo ip link set lxcbr0 down >>> >> # sudo brctl delbr lxcbr0 >>> >> >>> >> I then installed openvswitch and created two bridges br-dmz (dmz >>> >> containers - 172.18.0.0/24) and br-int (internal containers - >>> >> 192.168.0.0/24). I have added physical NIC port enp2s0 to br-int as >>> I >>> >> have a local WAP installed on that interface. >>> >> >>> >> #sudo apt-get install openvswitch-switch >>> >> #sudo ovs-vsctl add-br br-dmz >>> >> #sudo ovs-vsctl add-br br-int >>> >> #sudo ovs-vsctl add-port br-int enp2s0 >>> >> >>> >> #sudo ip addr add 172.18.0.1/24 dev br-dmz >>> >> #sudo ip addr add 192.168.10.1/24 dev br-int >>> >> >>> >> #sudo ovs-vsctl show >>> >> c3d9247e-68f1-4ae1-be0e-4bb86fd2c541 >>> >> Bridge br-dmz >>> >> Port br-dmz >>> >> Interface br-dmz >>> >> type: internal >>> >> Bridge br-int >>> >> Port br-int >>> >> Interface br-int >>> >> type: internal >>> >> Port "enp2s0" >>> >> Interface "enp2s0" >>> >> ovs_version: "2.9.0" >>> >> >>> >> #ip a >>> >> >>> >> 5: br-dmz: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN >>> group >>> >> default qlen 1000 >>> >> link/ether 7e:86:2a:79:24:4e brd ff:ff:ff:ff:ff:ff >>> >> inet 172.18.0.1/24 scope global br-dmz >>> >> valid_lft forever preferred_lft forever >>> >> 6: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN >>> group >>> >> default qlen 1000 >>> >> link/ether 00:01:80:82:f8:59 brd ff:ff:ff:ff:ff:ff >>> >> inet 192.168.10.1/24 scope global br-int >>> >> valid_lft forever preferred_lft forever >>> >> >>> >> >>> >> I created a LXC container VM1 and I would like to attach to br-int >>> >> >>> >> sudo lxc-create -n vm1 -t ubuntu >>> >> >>> >> Edit VMs config vi /var/lib/lxc/vm1/config >>> >> >>> >> lxc.net.0.link = br-int <- from lxcbr0 >>> >> lxc.net.0.script.up=/etc/lxc/ifup <- added >>> >> lxc.net.0.script.down=/etc/lxc/ifdown <- added >>> >> >>> >> Created scripts to ifup / ifdown interface >>> >> >>> >> vi /etc/lxc/ifup >>> >> #!/bin/bash >>> >> BRIDGE=br-int >>> >> ovs-vsctl --may-exist add-br $BRIDGE >>> >> ovs-vsctl --if-exists del-port $BRIDGE $5 >>> >> ovs-vsctl --may-exist add-port $BRIDGE $5 >>> >> >>> >> vi /etc/lxc/ifdown >>> >> #!/bin/bash >>> >> ovsBr=br-int >>> >> ovs-vsctl --if-exists del-port ${ovsBr} $5 >>> >> >>> >> chmod +x /etc/lxc/if* >>> >> >>> >> When I try to start the container using openvswitch I get the >>> following >>> >> error. >>> >> >>> >> sudo lxc-start -n vm1 --logfile log.txt >>> >> >>> >> lxc-start vm1 20180512072653.582 ERROR lxc_conf - >>> >> conf.c:run_buffer:347 >>> >> - Script exited with status 1 >>> >> lxc-start vm1 20180512072653.610 ERROR lxc_network - >>> >> network.c:lxc_create_network_priv:2436 - Failed to create network >>> device >>> >> lxc-start vm1 20180512072653.610 ERROR lxc_start - >>> >> start.c:lxc_spawn:1545 - Failed to create the network >>> >> lxc-start vm1 20180512072653.610 ERROR lxc_start - >>> >> start.c:__lxc_start:1866 - Failed to spawn container "vm1" >>> >> lxc-start vm1 20180512072653.610 ERROR lxc_container - >>> >> lxccontainer.c:wait_on_daemonized_start:824 - Received container >>> state >>> >> "STOPPING" instead of "RUNNING" >>> >> >>> >> >>> >> Any idea what I have missed that is causing the container netwok to >>> not >>> >> be >>> >> created. >>> >> >>> >> Thanks >>> >> >>> >> Densha >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> _______________________________________________ >>> >> discuss mailing list >>> >> disc...@openvswitch.org >>> >> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >>> >> >>> > >>> > >>> > >>> > -- >>> > Gilbert Standen >>> > Creator Orabuntu-LXC >>> > 914-261-4594 >>> > gilb...@orabuntu-lxc.com >>> > >>> >>> >>> _______________________________________________ >>> discuss mailing list >>> disc...@openvswitch.org >>> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >>> >> >> >> >> -- >> Gilbert Standen >> Creator Orabuntu-LXC >> 914-261-4594 >> gilb...@orabuntu-lxc.com >> > > > _______________________________________________ > discuss mailing list > disc...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss