unit-get and LXC containers

Mark Canonical Ramm-Christensen mark.ramm-christensen at canonical.com
Tue Jul 23 23:21:35 UTC 2013 

Hi,

The short answer is that we are currently still working on making LXC
containers network addressable to the whole environment, and the plan is to
try to have a flat network with an address for each LXC container, as well
as each host.  We will then properly return the actual usable address of
the container, and everything should just work as expected.

It does mean that we need to be able to get IP addresses from the cloud
provider for reasonable LXC container support, but I think it is a viable
 approach in most of the places we care about.  We will probably have EC2
and MAAS soon, and other providers catching up as the underlying cloud
infrastructure grows this capability.

--Mark Ramm

On Tue, Jul 23, 2013 at 11:37 AM, Andreas Hasenack <andreas at canonical.com>wrote:

> Hi,
>
> I was playing with LXC containers and co-location using juju-core trunk
> and found out that "unit-get private-address" returns the IP of the unit's
> host, not of the container.
>
> I know that the container IP is only unique in the context of that host,
> since another container in another unit could get the same IP.
>
> On the other hand, returning the unit's IP does not mean that the service
> can be reached, since it's listening on the LXC interface.
>
> So basically, unit-get private-address doesn't mean much in the case of
> containers. You cannot connect to that IP and expect the service that is
> running in the container to respond.
>
>  For example, if you want to play with the wordpress charm using just one
> unit, you could try with having two wordpress containers in that unit and
> haproxy and mysql on the unit itself. But that won't work, because haproxy
> will get this configuration:
>
>  listen haproxy_service 0.0.0.0:80
>      balance leastconn
>      server 10_55_63_201__8080 10.55.63.201:8080 maxconn 100
>      server 10_55_63_201__8080 10.55.63.201:8080 maxconn 100
>
> That IP is the address of the unit, not the container.
>
> In this *particular* case, using the LXC IP would have worked, because
> it's known to the unit. But as soon as you add another machine with another
> wordpress running inside it as a container, and link to this haproxy, it
> will break.
>
> Was there any discussion about this? It means there has to be careful
> planing about what to deploy inside containers inside existing units.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20130723/518d85ad/attachment-0001.html>

More information about the Juju mailing list