How to prevent network config in lxc from being overwritten

Discussion in 'Proxmox VE: Networking and Firewall' started by alitvak69, Jul 24, 2016.

  1. alitvak69

    alitvak69 Member

    Joined:
    Oct 2, 2015
    Messages:
    78
    Likes Received:
    0
    Dear all,

    I am trying to add multiple IP addresses inside the lxc container. I know that there are multiple methods, but the one I am looking for is to add extra IP address from within the container using standard network settings of guest OS.

    PCT seems to overwrite ifcfg-eth0 static IP config in my centos7 container no matter what I use. I know that running lxc on ubuntu server with centos containers doesn't cause the issue. I can add several IP addresses to a single interface within the container and even if lxc container config has network settings it doesn't rewrite my cfg file.

    Any way to achieve the same with containers in proxmox ?
     
  2. LnxBil

    LnxBil Well-Known Member

    Joined:
    Feb 21, 2015
    Messages:
    3,116
    Likes Received:
    259
    There are several ways to do this, yet the only that will work with your way is to set the configuration file immutable.
     
  3. alitvak69

    alitvak69 Member

    Joined:
    Oct 2, 2015
    Messages:
    78
    Likes Received:
    0
    How do I do that ?
     
  4. LnxBil

    LnxBil Well-Known Member

    Joined:
    Feb 21, 2015
    Messages:
    3,116
    Likes Received:
    259
  5. fabian

    fabian Proxmox Staff Member
    Staff Member

    Joined:
    Jan 7, 2016
    Messages:
    3,103
    Likes Received:
    473
    you can "touch /etc/network/.pve-ignore.interfaces" to tell PVE to not change that file.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    elBradford likes this.
  6. elBradford

    elBradford New Member

    Joined:
    Sep 9, 2016
    Messages:
    8
    Likes Received:
    3
    Making the file immutable did not fix the issue - in fact, it made it worse. The container refused to boot when that file is immutable.
     
  7. elBradford

    elBradford New Member

    Joined:
    Sep 9, 2016
    Messages:
    8
    Likes Received:
    3
    This solved it for me and allowed me to use a post-up command to configure the interface for snort.
     
  8. alitvak69

    alitvak69 Member

    Joined:
    Oct 2, 2015
    Messages:
    78
    Likes Received:
    0
    Thank you all.
     
  9. fotisevangelou

    fotisevangelou New Member

    Joined:
    Jan 20, 2016
    Messages:
    12
    Likes Received:
    0
    Is there any equivalent trick for Red Hat based OSs (CentOS 7 in particular) where the path to the interfaces is "/etc/sysconfig/network-scripts"?

    Thank you.
     
  10. fotisevangelou

    fotisevangelou New Member

    Joined:
    Jan 20, 2016
    Messages:
    12
    Likes Received:
    0
    As a sidenote, let me add that after a reboot, networking is lost and the container's external IP is the Promox server's IP. But if I do "ifdown eth0 && ifup eth0" right after the reboot, the container will then pick up the correct networking configuration.
     
  11. fabian

    fabian Proxmox Staff Member
    Staff Member

    Joined:
    Jan 7, 2016
    Messages:
    3,103
    Likes Received:
    473
    PVE should not touch any file in the container for which a .pve-ignore. file exists, see PVE Admin Guide
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. fotisevangelou

    fotisevangelou New Member

    Joined:
    Jan 20, 2016
    Messages:
    12
    Likes Received:
    0
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice