Overlay network for Juju LXC containers?

James Tunnicliffe james.tunnicliffe at canonical.com
Tue Feb 2 11:53:35 UTC 2016


Andrew and I took a look at this yesterday.

Digital Ocean don't support DHCP for private addresses, which is
unfortunate because if they did this would just work with Juju 2.0 and
with a feature flag for Juju 1.5. For this reason we need our own
overlay network. Unfortunately we have been overly prescriptive with
our network configuration so we always expect to use lxcbr0 for
container connectivity instead of using the defaults in
/etc/default/lxc-net. If we weren't we could set up the fan quite
easily on each DO Droplet and then use the manual provisioner to
enlist each Droplet into Juju's control.

I have got a bug open to track this issue:
https://bugs.launchpad.net/bugs/1540832

James

On Mon, Feb 1, 2016 at 2:26 PM, Andrew McDermott
<andrew.mcdermott at canonical.com> wrote:
> Merlijn & Patrik:
>
> Adding +James Tunnicliffe as he will be looking into your questions today
> (and this week).
>
> On 29 January 2016 at 13:18, Andrew McDermott
> <andrew.mcdermott at canonical.com> wrote:
>>
>> I will look into this this afternoon for you.
>>
>> On 29 January 2016 at 13:16, Rick Harding <rick.harding at canonical.com>
>> wrote:
>>>
>>> Sorry Dimiter, I know Andrew is out. Can you investigate please?
>>>
>>>
>>> On Fri, Jan 29, 2016, 8:13 AM Merlijn Sebrechts
>>> <merlijn.sebrechts at gmail.com> wrote:
>>>>
>>>> Any follow up to this? I'm also interested in using fan with lxc and
>>>> Juju.
>>>>
>>>> 2016-01-07 19:19 GMT+01:00 Andrew McDermott
>>>> <andrew.mcdermott at canonical.com>:
>>>>>
>>>>> Hi Patrik,
>>>>>
>>>>> I will look into this tomorrow. Apologies for the delay.
>>>>>
>>>>> On 7 January 2016 at 14:39, Patrik Karisch <patrik.karisch at gmail.com>
>>>>> wrote:
>>>>>>
>>>>>> Hi Andrew,
>>>>>>
>>>>>> Thanks for the answer.
>>>>>>
>>>>>> According to AWS, all the instances must be created inside a VPC to
>>>>>> bind the lxcbr0 to the AWS network and get an IP allocated?
>>>>>>
>>>>>> Since Digital Ocean provider is a simple plugin and basically based on
>>>>>> manual provisioning the best solution would be to activate Fan networking on
>>>>>> my machines manually? Are there any docs how I can point Juju to get a Fan
>>>>>> IP address for the containers? Mark Shuttleworth's blog post says it's super
>>>>>> easy for LXD, Docker and Juju but shows only a Docker cli example.
>>>>>>
>>>>>> Best regards
>>>>>> Patrik
>>>>>>
>>>>>> Andrew McDermott <andrew.mcdermott at canonical.com> wrote on Thu, 7
>>>>>> Jan 2016 at 14:14:
>>>>>>>
>>>>>>> Hi Patrik,
>>>>>>>
>>>>>>> There is no current solution for Digital Ocean.
>>>>>>>
>>>>>>> On AWS a container gets an IP address on the lxcbr0 network. We then
>>>>>>> add iptables rules that make the container visible on the host's network - the
>>>>>>> host can see the container, the container can see the host.
>>>>>>>
>>>>>>> On MAAS (for 16.04) we create a bridge per NIC and the container,
>>>>>>> depending on how many interfaces are configured, will get an address on each
>>>>>>> subnet. Please note that all of this is currently work in progress and is
>>>>>>> only available on a feature branch (maas-spaces).
>>>>>>>
>>>>>>> AWS and MAAS do not use the fan.
>>>>>>>
>>>>>>> We are currently working on Juju's network model to make it easier to
>>>>>>> do what you are asking for. My colleague Dimiter Naydenov has been blogging
>>>>>>> about this recently:
>>>>>>>
>>>>>>>
>>>>>>> https://insights.ubuntu.com/2015/11/08/deploying-openstack-on-maas-1-9-with-juju/
>>>>>>>
>>>>>>> So for DO we don't have any transparent Juju solution for you, but we
>>>>>>> are actively developing the capabilities of Juju's networking model.
>>>>>>>
>>>>>>> HTH
>>>>>>>
>>>>>>> On 6 January 2016 at 17:29, Patrik Karisch <patrik.karisch at gmail.com>
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I'm wondering what Juju does to make services deployed into LXC
>>>>>>>> containers on different machines reachable within the whole environment?
>>>>>>>> Does it use Fan or something?
>>>>>>>>
>>>>>>>> Currently I'm trying Juju on Digital Ocean, where a machine has only
>>>>>>>> one private IP and can't get more. I don't have the budget to run every
>>>>>>>> service in a new machine, so they must reside in containers on a limited
>>>>>>>> bunch of machines.
>>>>>>>>
>>>>>>>> Best regards
>>>>>>>> Patrik
>>>>>>>>
>>>>>>>> --
>>>>>>>> Juju mailing list
>>>>>>>> Juju at lists.ubuntu.com
>>>>>>>> Modify settings or unsubscribe at:
>>>>>>>> https://lists.ubuntu.com/mailman/listinfo/juju
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Andrew McDermott <andrew.mcdermott at canonical.com>
>>>>>>> Juju Core Sapphire team <http://juju.ubuntu.com>
