Using Global IP Addresses with LXD Containers on Sakura Cloud
Server
Lastmod: 2025-01-21
Published: 2021-02-11

This is a note about using global IP addresses directly on LXD containers or assigning local switch IP addresses directly in Sakura Cloud.

We will be building this on Ubuntu 20.04.

Configuration

  • Directly connected to the router + switch
  • Two disks: one for the VM OS and one for the LXD containers

Setup

The OS installation steps are omitted. We use the Ubuntu 20.04.01 LTS archive image provided by Sakura Cloud. Proceeding with the assumption that the OS is installed on /dev/vda and /dev/vdb is an additional 100GB disk.

ubuntu@lxd:~$ cat /proc/partitions
major minor  #blocks  name

  11        0    1048575 sr0
 252        0   20971520 vda
 252        1       1024 vda1
 252        2    4194304 vda2
 252        3   16774144 vda3
 252       16  104857600 vdb

LXD Setup

  • Install LXD
ubuntu@lxd:~$ sudo lxd init
  • Initial LXD configuration
ubuntu@lxd:~$ sudo lxd init
Would you like to use LXD clustering? (yes/no) [default=no]:
Do you want to configure a new storage pool? (yes/no) [default=yes]:
Name of the new storage pool [default=default]:
Name of the storage backend to use (zfs, ceph, btrfs, dir, lvm) [default=zfs]:
Create a new ZFS pool? (yes/no) [default=yes]:
Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: yes
Path to the existing block device: /dev/vdb
Would you like to connect to a MAAS server? (yes/no) [default=no]:
Would you like to create a new local network bridge? (yes/no) [default=yes]: no
Would you like to configure LXD to use an existing bridge or host interface? (yes/no) [default=no]:
Would you like the LXD server to be available over the network? (yes/no) [default=no]:
Would you like stale cached images to be updated automatically? (yes/no) [default=yes]
Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]:

We set /dev/vdb to be used as ZFS.

Since the zfs command is not installed in this state, we install it.

  • Install zfsutils-linux
$ sudo apt install zfsutils-linux

Creating a Bridge and Assigning a Global IP Address to the Container

The intended configuration might look something like this. However, with Sakura Cloud, this setup won’t allow the container to communicate externally.

Sakura Cloud Manual: Are there packets that cannot pass through the switch or router + switch?

Packets with a source MAC address different from the one assigned when the server was created cannot pass through.

Therefore, communications using the MAC address of the container’s eth0 (auto-generated) cannot pass through the router + switch.

Creating a Container and Using ipvlan

Since a bridge won’t work, we use ipvlan to assign IP addresses.

ipvlan shares the host’s MAC address and assigns the added IP address to LXD.

  • Enabling forwarding is necessary when using ipvlan.
ubuntu@lxd:~$ sudo sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
ubuntu@lxd:~$ sudo sysctl --system
  • Creating the container
ubuntu@lxd:~$ lxc launch images:ubuntu/20.04 container1
Creating container1

The instance you are starting doesn't have any network attached to it.
  To create a new network, use: lxc network create
  To attach a network to an instance, use: lxc network attach

Starting container1
ubuntu@lxd:~$ lxc list
+------------+---------+------+------+-----------+-----------+
|    NAME    |  STATE  | IPV4 | IPV6 |   TYPE    | SNAPSHOTS |
+------------+---------+------+------+-----------+-----------+
| container1 | RUNNING |      |      | CONTAINER | 0         |
+------------+---------+------+------+-----------+-----------+

In this state, no NIC is assigned, so we assign a NIC and set ipvlan. However, we need to stop the container to assign the NIC.

  • Stopping the container
ubuntu@lxd:~$ lxc stop container1
  • Assigning the NIC
ubuntu@lxd:~$ lxc config device add container1 eth0 nic nictype=ipvlan parent=ens3 ipv4.address=27.133.xx.85
Device eth0 added to container1
  • Also, setting the timezone to JST
ubuntu@lxd:~$ lxc config set container1 environment.TZ Asia/Tokyo
  • Starting the container
ubuntu@lxd:~$ lxc start container1
  • Entering the container to configure the network
ubuntu@lxd:~$ lxc exec container1 bash
root@container1:~#
  • Editing /etc/netplan/10-lxc.yaml
root@container1:~# cat << _EOF_ > /etc/netplan/10-lxc.yaml
network:
  version: 2
  ethernets:
    eth0:
      addresses: [ "27.133.xx.85/28" ]
      gateway4: 27.133.xx.81
      dhcp4: false
      nameservers:
        addresses: [ "8.8.8.8", "8.8.4.4" ]
_EOF_
  • Applying netplan
root@container1:~# netplan apply
  • Successfully able to communicate with the outside.
root@container1:~# ping sakura.ad.jp -c5
PING sakura.ad.jp (163.43.24.70) 56(84) bytes of data.
64 bytes from vip1a.www.sakura.ad.jp (163.43.24.70): icmp_seq=1 ttl=63 time=0.290 ms
64 bytes from vip1a.www.sakura.ad.jp (163.43.24.70): icmp_seq=2 ttl=63 time=0.341 ms
64 bytes from vip1a.www.sakura.ad.jp (163.43.24.70): icmp_seq=3 ttl=63 time=0.304 ms
64 bytes from vip1a.www.sakura.ad.jp (163.43.24.70): icmp_seq=4 ttl=63 time=0.347 ms
64 bytes from vip1a.www.sakura.ad.jp (163.43.24.70): icmp_seq=5 ttl=63 time=0.340 ms

--- sakura.ad.jp ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4027ms
rtt min/avg/max/mdev = 0.290/0.324/0.347/0.022 ms

Summary

By using ipvlan, you can assign a global IP address to LXD containers via Sakura Cloud’s router + switch. This setup can be useful for testing, or consolidating small public-facing servers.