lxc / distrobuilder

System container image builder for LXC and Incus
https://linuxcontainers.org
Apache License 2.0

No IPv4 from macvlan interface on centos8 on LXD 3.0.3 #444

Closed technicalflow closed 1 year ago

technicalflow commented 3 years ago

Issue description

Hello All

I have Ubuntu 18.04 installed on hardware and have issues running centos8 in an LXD container with the macvlan profile. When launching any container on lxdbr0 I get an IPv4 address, even on centos8 images. When launching any container (besides centos8) on macvlan I get an IPv4 address; only centos8 has trouble. On centos8 I cannot start the eth0 interface when launching with the macvlan profile. Tried this workaround and it does not help. Same happens on centos/8 and centos/8/cloud. Adding privileged setting also does not help.

```
ifup eth0
Error: Connection activation failed: No suitable device found for this connection (device lo not available because device is strictly unmanaged).
```

Required information

Steps to reproduce

  1. Step one `lxc launch images:centos/8 cn6 -p macvlan`
  2. Step two `lxc exec cn6 bash`
  3. Step three `ip a && ifup eth0`

`lxc config show cn6 --expanded`

```
architecture: x86_64
config:
  image.architecture: amd64
  image.description: Centos 8 amd64 (20210530_07:08)
  image.os: Centos
  image.release: "8"
  image.serial: "20210530_07:08"
  limits.cpu: "2"
  limits.memory: 2GB
  limits.memory.enforce: soft
  limits.memory.swap: "false"
  user.user-data: |
    #cloud-config
    package_upgrade: true
    packages:
    - curl
    locale: en_GB.UTF-8
    timezone: Europe/Warsaw
    runcmd:
    - [touch, /tmp/one]
  volatile.base_image: 81ead575d0af5e62f761c49e86889b24f8a4583278e4dde71930f27c364f2ebe
  volatile.eth0.hwaddr: 00:16:3e:72:6b:79
  volatile.idmap.base: "0"
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'
  volatile.last_state.power: RUNNING
devices:
  eth0:
    name: eth0
    nictype: macvlan
    parent: enp0s10
    type: nic
  root:
    path: /
    pool: defaultsp1
    type: disk
ephemeral: false
profiles:
```

From inside container

`systemctl --failed`

```
UNIT                    LOAD   ACTIVE SUB    DESCRIPTION
sys-kernel-config.mount loaded failed failed Kernel Configuration File System
```

`journalctl -xe`

```
May 30 13:02:20 cn6 systemd-journald[140]: Runtime journal (/run/log/journal/25a9046e4f414316b71a05d97db99628) is 8.0M, max 385.9M, 377.9M free.
Subject: Disk space used by the journal
Defined-By: systemd
Support: https://access.redhat.com/support
Runtime journal (/run/log/journal/25a9046e4f414316b71a05d97db99628) is currently using 8.0M.
Maximum allowed usage is set to 385.9M.
Leaving at least 578.9M free (of currently available 3.7G of disk space).
Enforced usage limit is thus 385.9M, of which 377.9M are still available.
The limits controlling how much disk space is used by the journal may be configured with SystemMaxUse=, SystemKeepFree=, SystemMaxFileSize=, RuntimeMaxUse=, RuntimeKeepFree=, RuntimeMaxFileSize= settings in /etc/systemd/journald.conf. See journald.conf(5) for details.
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '0' to 'kernel/yama/ptrace_scope', ignoring: Permission denied
May 30 13:02:20 cn6 mount[136]: mount: /sys/kernel/config: permission denied.
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e' to 'kernel/core_pattern', ignoring: Permission denied
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '16' to 'kernel/sysrq', ignoring: Permission denied
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '1' to 'kernel/core_uses_pid', ignoring: Permission denied
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '1' to 'kernel/kptr_restrict', ignoring: Permission denied
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write 'fq_codel' to 'net/core/default_qdisc', ignoring: No such file or directory
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '1' to 'fs/protected_hardlinks', ignoring: Permission denied
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '1' to 'fs/protected_symlinks', ignoring: Permission denied
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '81920' to 'net/core/optmem_max', ignoring: No such file or directory
May 30 13:02:20 cn6 systemd-sysctl[137]: Couldn't write '4194304' to 'kernel/pid_max', ignoring: Permission denied
May 30 13:02:20 cn6 systemd[1]: Starting Flush Journal to Persistent Storage...
-- Subject: Unit systemd-journal-flush.service has begun start-up
```

1 loaded units listed. Pass --all to see loaded but inactive units, too. To show all installed unit files use 'systemctl list-unit-files'.

tomponline commented 3 years ago

@stgraber I believe this is a known issue with centos 8 and macvlan, namely that network manager doesn't recognize it as a managed Ethernet device as it sees it as a preconfigured macvlan interface and ignores it. Worth moving to distrobuilder?

stgraber commented 3 years ago

Yeah, we can move the issue to distrobuilder to see if there's a workaround we can put in place in our shiny new systemd-generator.

monstermunchkin commented 1 year ago

@technicalflow is this still an issue for you?

technicalflow commented 1 year ago

Hello @monstermunchkin

No, it is an old issue with container image.