====== LXC - Profiles - Create a macvlan profile ======
===== Create the macvlan manually =====
lxc profile create macvlan
returns:
Profile macvlan created
----
===== List the profiles =====
lxc profile list
returns:
+------------+---------+
| NAME | USED BY |
+------------+---------+
| default | 3 |
+------------+---------+
| macvlan | 0 |
+------------+---------+
**NOTE:** This now shows the newly created **macvlan** profile as well.
----
===== Show default settings of the new profile =====
lxc profile show macvlan
returns:
config: {}
description: ""
devices: {}
name: macvlan
used_by: []
----
===== Determine Default Network Route =====
Determine the default IP network on the host.
ip route show default 0.0.0.0/0
returns:
default via 192.168.1.1 dev br0 proto static
**NOTE:** This shows the default Network Device is **br0**.
----
===== Add the Network Device to the macvlan LXD profile =====
lxc profile device add macvlan eth0 nic nictype=macvlan parent=br0
returns:
Device eth0 added to macvlan
**NOTE**: The changes are:
* **eth0** is added as the network interface for LXC.
* **nictype** is set to macvlan
* **parent** is set to br0.
----
===== Display details of the new macvlan profile =====
lxc profile show macvlan
returns:
config: {}
description: ""
devices:
eth0:
nictype: macvlan
parent: br0
type: nic
name: macvlan
used_by: []
----
All Done!
Any containers created using this new profile will get an IP address from the DHCP server of the LAN.
**WARNING**: By using macvlan, your computer’s network interface will appear on the network to have more than one MAC address.
This is fine for Ethernet networks.
However, if your interface is a Wireless interface (with security like WPA/WPA2), then the access point will reject any other MAC addresses coming from your computer.
Therefore, all these will not work in that specific case.
**NOTE**: If your host is in a virtual machine, then it is likely that the VM software will block the DHCP requests of the containers.
To overcome this, configure the host virtual machine to allow **Promiscuous mode**, usually found in Network settings.
Alternatively, try to use a **bridgeprofile**.
----