QNAP LXD Container VLANs

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] so [Music] hello and welcome back to the channel once again and this is scott so today we're going to talk about qnap lexi containers operating on vlans so this video is a follow-on from my qnap container station lexi versus lexd and also my network magic using lans and vlans and also my qnap container station secrets tutorials this presentation is going to focus on how to present lexd containers on vlans qnap container station does not support using vlans defined in the qnap network and virtual switch application qnap vlan support works in qnap virtualization station but it does not work in container station and qnap support states that vlans are unsupported in container station so to use vlans most qnap users and lex d users in general present containers on a physical adapter where the attached switch port is set to the desired tagged vlan number via the managed switch port profile this tutorial focuses on a much better way to achieve that so your network infrastructure vlans can isolate traffic from other vlans and each vlan has its own dedicated private address space so as an example you might have a dedicated vlan for all of your iot devices that maybe are untrusted on your network or you might have an isolated vlan for your cameras that produce a lot of traffic that you don't want to have share with your main network so you must have a router and manage switch that supports the creation and management of vlans we're going to use ubiquiti unifi routers and switches in our examples we must create the vlan on the router first and then we're going to create the lxd containers on the vlan so qnap network and virtual switch is an app that lets you create virtual switches that can communicate with one of the four network adapters normally found on most qnap nas devices tagged vlan devices can also be added to qnap network and virtual switch and they work great in virtualization station for your vms but they make the entire adapter that they're defined on and the vlan devices invisible to container station as a consequence we need a better solution well actually one that works at all so we're going to use the lexi command line on the qnap container station lacks any understanding of vlans the lexi command line allows the creation of what are called container profiles we will create a container profile that will select a physical adapter on the qnap and connect that adapter to a vlan this has no negative consequences to other containers on container station and we will create a lxd container that uses that profile and will receive a dhcp address on the target vlan that we've created okay so here we are in the uh unify controller program we're in the classic settings so that we can do everything a little bit more easily most unify users would agree let's go down and click on the gear let's go to networks and i have several vlans already defined here but i'm going to go ahead and create a new network for the purposes of this demonstration and we're just going to call this one uh test vlan test vlan and we're going to create it as a corporate network the reason for that is because if we create it as a vlan only we don't get to add a dhcp server and that other other stuff so we're going to go ahead and create it as a corporate network we're going to say it's going to be vlan 100 and we're going to go ahead and define its address to be 192.168.100.1 dot one will be the gateway and we'll give it a subnet mask of 24 and we'll go ahead and say update the dhcp range so the dhcp range is 100.6 to 100.254. and we'll go ahead and create that network so now the network exists you can see here there's a test vlan and it's vlan 100. so i have a switch port here that is called vms fog vlans vms fog is the name of the qnap server and if i go down and i look at this particular port you can see that its switchport profile is set to all you can go down and define switchport profiles to be whatever you want they can be a combination of vlans or they can be one particular vlan so for example if we if we clicked on this we could go down and we could set this to test vlan 100 but we're not going to do that we're going to leave its switchport profile set to all so by default when we set a switchport profile equal to all any client connecting to that switch port is going to connect to the default untagged lan so whatever your main network address spaces and not the vlan address space all right so here's the qnap network and virtual switch application the first column shows you virtual adapters which really what they are is they're the various containers that you have whether they're vms uh docker containers or lexi lex d the second column shows you some virtual switches that you can name and the third column shows you your physical adapters so the adapter that we just looked at the switch side of that adapter that we just looked at set to switch port profile all is here adapter three and this is it right now and so anything that connects to this could really be connected to any um could be connected to any vlan and by default like i said it would be connected to the main vlan or the untagged vlan and would get an address from the main network so that's not what we want here but i'm going to demonstrate that you can go in here to this adapter three what we do here is we go over to interfaces and it lists them tabularly and we can go find our adapter three we can click over here and say out of vlan and we're going to just call this thing vlan 100 or we're going to say vlan 100 because we know vlan 100 exists out there and we'll just call it my test vlan so the idea here is we want to go ahead and connect to this existing vlan so this thing cranks around for a little bit it's going to create a vlan adapter and there you go so it connected so if we go to overview and overview we can now see that we have a vlan adapter over here in place of adapter okay and i could create multiple vlan adapters actually and uh and and have them out here so basically i'm one adapter i can have multiple networks that's kind of the whole point of the vlans anyway if we go to container station as i mentioned container station doesn't support these things and to and to demonstrate that if i do a create and i go over here and say i want to create an ubuntu container and i go over to my lexi image server and i say create me a zinio container and i go ahead and call this i don't know test dash server and i go over here to advanced settings and i click on nat and change to bridge there's adapter one and two which is my main network and here's adapter four which is my lab net network and you'll notice that adapter 3 is down here vlam 100 and it doesn't show at all and that's why we can't do it that way so we're going to back up here and we're going to go ahead and delete that vlan i'm going to go back to interfaces and we're going to go over here to this vlan and we're going to say delete this vlan and say ok and so once the vlan is deleted adapter 3 is back here again adapter 3 is connected now we're going to go into container station once again this time we're going to go ahead and try to create a container just to show you that it will work this time i'm going to say create we're going to search for ubuntu we're going to go to lex d image server we're going to say install a xenial do test dash server go to advanced settings go down to network select bridge go under adapter and magically adapter 3 is back again we don't want to do that because if we created it under adapter 3 we would end up getting the untagged vlan and if i tagged it to one particular vlan then unfortunately adapter 3 would only be good for that vlan so we're going to show you how you can create containers that can point to the different vlans okay so here we are at the command prompt and we're going to ssh into our qnap nas we're going to quit out of this menu and exit to the shell all right so the first thing that we want to do is we're going to do a lexi list and we're not going to see any lex d containers because there aren't any lex d containers and we don't see any lex c containers because lex c doesn't manage lex c it only manages lex d and the next thing we're going to do is we're going to do a lexi profile list so there's one profile a profile is basically a template for how it builds containers so the next thing we're going to do is an ip route shell and i know from looking at my previous screens when i was up in the gui that this right here represents adapter 3 and its device name is qvs1 so what i'm going to do here is i'm going to do a first of all i'm going to create a new profile and the profile is going to be called vlan 100 the next thing i'm going to do is i'm going to add some settings to vlan 100 and the settings that i'm going to add are going to be vlan 100 to device eth0 which is the controller within the container it's going to be a mac vlan it's its parent is going to be qvs1 that we just talked about and we're going to be using vlan 100 so now we've added that so now what i'm going to do is i'm going to go ahead and create a container so i'm going to do a lex c launch ubuntu 2004 i'm going to call the container new test it's going to use profile default to get some of its values from and it's going to use profile vlan 100 to get the network information from and then i have uh this security switch here which says to run the container privileged and if you watch my previous videos you noted that qnap containers have to run privileged in order to operate correctly the lexd containers are limited to that requirement okay so now our container has been created we can do a lexi list and magically we see that that container is running at 192.168.100.45 so we have created a container and we have it running correctly on the vlan so here we are back in the container station gui you can see that new test is running up here i can go down to the command prompt and i can type in my password hopefully it will log in up okay let me try my username here and my password i had created a username earlier okay and now i'm going to do an if config and this thing is running at 192.168.100.52 so we're going to go ahead and bring up a terminal and we'll say ssh over to scott at 192.168.100.52 and provide our password and there we are we're logged in so as you can see we have connection to a lxd container and if we do an ifconfig inside the container the container says it's running at 192.1 okay so in summary we accomplished a lot today we defined vlan 100 on our unifi router on the 192.168. network we set the network switch port to which the qnap nas was connected to profile all to be able to connect to all vlans that were defined on the network we demonstrated that vlans and qnap network and virtual switch don't work with container station and we created a lxd profile for vlan 100 and created an ubuntu container using that profile and it got an address on vlan 100 so any number of lexd profiles with different vlans could be created to allow many lex d containers to connect to as many vlans on a network as are offered on that network through a single physical network adapter and that's it for today thank you so much and i hope you like and subscribe and we'll see you next time [Music] [Applause] [Music] you

Info

Channel: Scotti-BYTE Enterprise Consulting Services

Views: 122

Rating: undefined out of 5

Keywords:

Id: TEZiCrf6jso

Channel Id: undefined

Length: 17min 36sec (1056 seconds)

Published: Tue Nov 02 2021