[systemd-devel] networkd must start before nspawn at container

arnaud gaboury arnaud.gaboury at gmail.com
Sun May 3 10:24:59 PDT 2015 

On Sat, May 2, 2015 at 11:27 AM, arnaud gaboury
<arnaud.gaboury at gmail.com> wrote:
>
> My host/conatiner networking are both managed by systemd-netwrokd. I
> have a bridge Br0 on host and vb-MyContainer for the conatiner. Both
> have a fix local IP.
>
> I boot container at host boot  this way:
>
> ------------------------------------------
> $ cat /etc/systemd/system/systemd-nspawn at .service
> .................
> ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot
> --link-journal=try-guest --network-bridge=br0 --machine=
> ------------------------------------------
>
> Unfortunately, systemd-nspawn at poppy fails sometimes at boot :
>
> ----------------------------------------------------------------------------
> $ systemctl status systemd-nspawn at poppy
>systemd-nspawn at poppy.service - Container poppy
>    Loaded: loaded (/etc/systemd/system/systemd-nspawn at .service;
> enabled; vendor preset: disabled)
>    Active: failed (Result: exit-code) since Fri 2015-05-01 19:34:56
> CEST; 50s ago
>      Docs: man:systemd-nspawn(1)
>   Process: 544 ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit
> --boot --link-journal=try-guest --net
>
>  work-bridge=br0 --machine=%I (code=exited, status=1/FAILURE)
>  Main PID: 544 (code=exited, status=1/FAILURE)
>
> May 01 19:34:55 hortensia systemd[1]: Starting Container poppy...
> May 01 19:34:55 hortensia systemd-nspawn[544]: Failed to resolve
> interface br0: No such device
> May 01 19:34:56 hortensia systemd[1]: systemd-nspawn at poppy.service:
> main process exited, code=exite...LURE
> May 01 19:34:56 hortensia systemd[1]: Failed to start Container poppy.
> May 01 19:34:56 hortensia systemd[1]: Unit
> systemd-nspawn at poppy.service entered failed state.
> May 01 19:34:56 hortensia systemd[1]: systemd-nspawn at poppy.service failed.
> Hint: Some lines were ellipsized, use -l to show in full.
> --------------------------------------------------------------------------
>
> Obviously the reason is networkd has not been activated. I solved this
> issue this way:
>
> $  cat /etc/systemd/system/network.target
> --------------------------------------------------
> [Unit]
> Description=Network
> Documentation=man:systemd.special(7)
> Documentation=http://www.freedesktop.org/wiki/Software/systemd/NetworkTarget
> After=network-pre.target
> RefuseManualStart=yes
>
> [Install]
> WantedBy=machines.target
> ----------------------------------------------
> # systemctl enable machines.target
>
> I added machines.target in Before section options in systemd-netwrokd.service
> $ cat /etc/systemd/system/systemd-netwrokd.service
> --------------------------------------
> .............
> Before=network.target multi-user.target shutdown.target machines.target
> ..................
> -----------------------------------------
>
> My issue is now solved. I just wonder if my setting is a good practice.


My issue is not solved at all and systemd-nspawn will not start at
host boot because Br0 interface is not found.
I am trying to figure out how to ensure netwrokd will be started
before systemd-nspawn with playing with target units and before and
after options, but can't find a solution.

 I crated /etc/systemd/system/network.target
-----------------------------------------------------------
[Unit]
Description=Network
Documentation=man:systemd.special(7)
Documentation=http://www.freedesktop.org/wiki/Software/systemd/NetworkTarget
After=network-pre.target
Before=machines.target
RefuseManualStart=yes

[Install]
WantedBy=multi-user.target
----------------------------------------------------------------

 I crated /etc/systemd/system/machines.target
----------------------------------------------------
[Unit]
Description=Containers
Documentation=man:systemd.special(7)
Requires=basic.target
Conflicts=rescue.service rescue.target
After=basic.target rescue.service rescue.target
Before=network.target

[Install]
WantedBy=multi-user.target
-----------------------------------------------------------


modified systemd-networkd:
-----------------------------------------------------
[Unit]
Description=Network Service
Documentation=man:systemd-networkd.service(8)
ConditionCapability=CAP_NET_ADMIN
DefaultDependencies=no
# dbus.service can be dropped once on kdbus, and systemd-udevd.service can be
# dropped once tuntap is moved to netlink
After=systemd-udevd.service dbus.service network-pre.target
systemd-sysusers.service
Before=network.target multi-user.target shutdown.target machines.target
Conflicts=shutdown.target
Wants=network.target
------------------------------------------------------

modified systemd-nspawn at service
-----------------------------------------------------
[Unit]
Description=Container %I
Documentation=man:systemd-nspawn(1)
PartOf=machines.target
Before=machines.target network.target

[Service]
ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot
--link-journal=try-guest --network-bridge=br0 --machine=%I
KillMode=mixed
Type=notify
RestartForceExitStatus=133
SuccessExitStatus=133
Delegate=yes

[Install]
WantedBy=machines.target
----------------------------------------------------

$ tree /etc/systemd/system
....................
├── machines.target.wants
│   └── systemd-nspawn at poppy.service ->
/etc/systemd/system/systemd-nspawn at .service
...................................
├── multi-user.target.wants
│   ├── acpid.service -> /usr/lib/systemd/system/acpid.service
│   ├── adb.service -> /usr/lib/systemd/system/adb.service
│   ├── dkms.service -> /usr/lib/systemd/system/dkms.service
│   ├── fstrim.timer -> /usr/lib/systemd/system/fstrim.timer
│   ├── haveged.service -> /usr/lib/systemd/system/haveged.service
│   ├── iptables.service -> /usr/lib/systemd/system/iptables.service
│   ├── machines.target -> /etc/systemd/system/machines.target
│   ├── mysqld.service -> /usr/lib/systemd/system/mysqld.service
│   ├── network.target -> /etc/systemd/system/network.target
│   ├── psd.service -> /etc/systemd/system/psd.service
│   └── remote-fs.target -> /usr/lib/systemd/system/remote-fs.target
...............................................................
├── network.target.wants
│   └── systemd-networkd.service -> /etc/systemd/system/systemd-networkd.service



>
> Thank you for advice
>
>

More information about the systemd-devel mailing list