[systemd-devel] network interface down in container

arnaud gaboury arnaud.gaboury at gmail.com
Thu Apr 30 03:48:04 PDT 2015 

On Thu, Apr 30, 2015 at 12:18 PM, arnaud gaboury
<arnaud.gaboury at gmail.com> wrote:
> On Thu, Apr 30, 2015 at 11:44 AM, Lennart Poettering
> <lennart at poettering.net> wrote:
>> On Thu, 30.04.15 10:01, arnaud gaboury (arnaud.gaboury at gmail.com) wrote:
>>
>>> I used to boot the container this way :
>>> # systemd-nspawn --network-bridge=br0 -bD /path_to/my_container
>>>
>>> Is this correct?
>>
>> Looks fine.
>>
>>>
>>>
>>>           *****************
>>> Now on the container side:
>>>
>>> Nothing configured. NetworkManager enabled, systemd-networkd enabled
>>> and started.
>>
>> NM doesn't really support being run in a container.
>
> I want to disable it to avoid any potential conflict.
>
> systemctl mask NetworkManager
> systemctl mask NetworkManager-dispatcher
>
> But when rebooting, it is enabled again. I guess I must write a custom
> service file to mask it ?
>
>>
>>> -------------------------------
>>> $ ip a
>>> 2: host0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group
>>> default qlen 1000
>>>     link/ether 0e:7f:c3:fb:25:b1 brd ff:ff:ff:ff:ff:ff
>>> -------------------------------------
>>> host0 is down
>>
>> Please check what "networkctl status -a" in the container shows. It
>> should tell you whether networkd is configured to do anything.
> <E2><97><8F> 1: lo
>    Link File: n/a
> Network File: n/a
>         Type: loopback
>        State: carrier (unmanaged)
>          MTU: 65536
>      Address: 127.0.0.1
>               ::1
>
> <E2><97><8F> 2: host0
>    Link File: n/a
> Network File: n/a
>         Type: ether
>        State: off (unmanaged)
>   HW Address: 0e:7f:c3:fb:25:b1
>          MTU: 1500
>
> Not really sain
>
>>
>> Also, what does "journalctl -u systemd-networkd -n 200" show in the
>> container?
> Apr 30 12:10:55 poppy systemd[1]: Starting Network Service...
> Apr 30 12:10:56 poppy systemd-networkd[249]: Enumeration completed
> Apr 30 12:10:56 poppy systemd[1]: Started Network Service.
>
> sounds OK.
>
> As said, the only error when booting container is:
>
> Apr 27 13:18:01 poppy firewalld[35]: 2015-04-27 13:18:01 ERROR:
> ebtables not usable, disabling ethernet bridge firewall.
> Apr 27 13:18:01 poppy firewalld[35]: 2015-04-27 13:18:01 FATAL ERROR:
> No IPv4 and IPv6 firewall.
> Apr 27 13:18:01 poppy firewalld[35]: 2015-04-27 13:18:01 ERROR:
> Raising SystemExit in run_server
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  NetworkManager
> (version 1.0.0-8.fc22) is starting...
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  Read config:
> /etc/NetworkManager/NetworkManager.conf
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  WEXT support is enabled
> Apr 27 13:18:01 poppy NetworkManager[67]: <warn>  Could not get
> hostname: failed to read /etc/sysconfig/network
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  Acquired D-Bus
> service com.redhat.ifcfgrh1
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  Loaded plugin
> ifcfg-rh: (c) 2007 - 2013 Red Hat, Inc.  To report bugs please use the
> NetworkManager mailing list.
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  Loaded plugin
> keyfile: (c) 2007 - 2013 Red Hat, Inc.  To report bugs please use the
> NetworkManager mailing list.
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  parsing
> /etc/sysconfig/network-scripts/ifcfg-lo ...
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  monitoring kernel
> firmware directory '/lib/firmware'.
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  WiFi enabled by
> radio killswitch; enabled by state file
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  WWAN enabled by
> radio killswitch; enabled by state file
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  WiMAX enabled by
> radio killswitch; enabled by state file
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  Networking is
> enabled by state file
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  (br0): link connected
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  (br0): carrier is ON
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  (br0): new Bridge
> device (driver: 'bridge' ifindex: 3)
> Apr 27 13:18:01 poppy NetworkManager[67]: <info>  (br0): exported as
> /org/freedesktop/NetworkManager/Devices/0
>
>
> Not sure if it has any impact

Do not know if it is a clean approach, but issue is solved with a
static IP (that is what I want).


On host:

$ cat /etc/systemd/networkd/bridge.network

[Match]
Name=br0

[Network]
DNS=192.168.1.254

[Address]
Address=192.168.1.87/24

[Route]
Gateway=192.168.1.254

# ln -sf /dev/null /etc/systemd/network/80-container-host0.network

-----------------------------------------

On container

$ cat /etc/systemd/networkd/poppy.network
[Match]
Name=host0

[Network]
DNS=192.168.1.254
Address=192.168.1.94/24
Gateway=192.168.1.254
-bash-4.3#

# ln -sf /dev/null /etc/systemd/network/80-container-host0.network

------------------------------------------------------------------------

#  systemd-nspawn --network-bridge=br0 -bD /var/lib/machines/poppy

host:
$ ip a
7: vb-poppy: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master br0 state UP group default qlen 1000
    link/ether 0e:9a:d7:18:a3:59 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::c9a:d7ff:fe18:a359/64 scope link
       valid_lft forever preferred_lft forever


container:
$ ip a
2: host0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
    link/ether 0e:7f:c3:fb:25:b1 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.94/24 brd 192.168.1.255 scope global host0
       valid_lft forever preferred_lft forever
    inet6 fe80::c7f:c3ff:fefb:25b1/64 scope link
       valid_lft forever preferred_lft forever

~
~


>
>> Lennart
>>
>> --
>> Lennart Poettering, Red Hat
>

More information about the systemd-devel mailing list