README 1.72 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44
Files in this directory may be used to setup automatic handling of LXC
containers without a fixed IP address, i.e. containers that get their IP by
DHCP.

It requires a dnsmasq server to handler the DHCP stuff. The server may itself
run inside an LXC container.

Setup on the host:

   *  A named pipe at /run/lxcfw/dhcp/fifo created by the lxcfw-dhcp-fifo.conf
      tmpfiles.d configuration (read-/writable only by root).

   *  The lxcfw-dhcp-handler.service starting the lxcfw-dhcp-handler daemon,
      which will read from the FIFO and call lxcfw-hook with the appropriate
      parameters.

   *  Important: Do not use the lxcfw-hook script for container's that get
      their IP by DHCP! Other options (i.e. the container roles defined via
      the lxc.group options) are the same as for containers with fixed IPs.

Setup on the DHCP server:

   *  A pipe at /var/lib/dnsmasq/dnsmasq.fifo, which must be the same FIFO
      as /run/lxcfw/dhcp/fifo on the host, i.e. bind mount it from the host
      inside the container.

   *  dnsmasq must be configured to call lxcfw-dnsmasq-script when DHCP leases
      change (using the --dhcp-script option).

   *  The (optional) lxcfw-dnsmasq-expire service and timer may be enabled to
      make dnsmasq check for expired leases every five minutes.

Installation will put these files in /usr/local/share/lxcfw/dnsmasq (or
similar), since they're not required on the host. Use

   make dnsmasq-install

inside the container to install the lxcfw-dnsmasq-* files (and nothing else).
A PREFIX will be respected. To uninstall, use

   make dnsmasq-uninstall

Note: These scripts are pretty basic, use these at your own risk! All paths
are hardcoded, lxcfw's configuration file will be ignored by these scripts!