search

lxc / lxc-ci

LXC continuous integration and build scripts
https://jenkins.linuxcontainers.org
Apache License 2.0
271 stars 138 forks source link

almalinux/rockylinux 9 images don't bring up their eth0 interfaces #826

Closed dimitry-unified-streaming closed 7 months ago

dimitry-unified-streaming commented 7 months ago

I tried this with: rockylinux/9/default/amd64 (and arm64) 20240427_02:06 and almalinux/9/default/amd64 (and arm64) 20240426_23:08; all these launch successfully, but their network interface never comes up, and NetworkManager in the container says the interface is "unmanaged":

$ incus launch images:rockylinux/9/amd64 test-rockylinux9-amd64-1
Launching test-rockylinux9-amd64-1

$ incus info test-rockylinux9-amd64-1
Name: test-rockylinux9-amd64-1
Status: RUNNING
Type: container
Architecture: x86_64
Location: ubuntu22-amd64-incus-3
PID: 122057
Created: 2024/04/27 19:57 UTC
Last Used: 2024/04/27 19:57 UTC

Resources:
  Processes: 16
  CPU usage:
    CPU usage (in seconds): 1
  Memory usage:
    Memory (current): 117.48MiB
  Network usage:
    eth0:
      Type: broadcast
      State: DOWN
      Host interface: enp1s0
      MAC address: 00:16:3e:33:24:74
      MTU: 1500
      Bytes received: 0B
      Bytes sent: 176B
      Packets received: 0
      Packets sent: 2
      IP addresses:
    lo:
      Type: loopback
      State: UP
      MTU: 65536
      Bytes received: 0B
      Bytes sent: 0B
      Packets received: 0
      Packets sent: 0
      IP addresses:
        inet:  127.0.0.1/8 (local)
        inet6: ::1/128 (local)

$ incus exec test-rockylinux9-amd64-1 bash

[root@test-rockylinux9-amd64-1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
50: eth0@if2: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 00:16:3e:33:24:74 brd ff:ff:ff:ff:ff:ff link-netnsid 0

[root@test-rockylinux9-amd64-1 ~]# nmcli
lo: connected (externally) to lo
    "lo"
    loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
    inet4 127.0.0.1/8
    inet6 ::1/128

eth0: unmanaged
    "eth0"
    macvlan, 00:16:3E:33:24:74, sw, mtu 1500

Use "nmcli device show" to get complete information about known devices and
"nmcli connection show" to get an overview on active connection profiles.

Consult nmcli(1) and nmcli-examples(7) manual pages for complete usage details.

Exactly the same happens with almalinux/9, and for both amd64 and arm64 architectures.

With rockylinux/8 and almalinux/8, everything works fine, and the network interface comes up. However, these distros don't seem to use NetworkManager, but the old /etc/sysconfig/network-scripts/ifcfg-eth0 file:

[root@test-rockylinux8-amd64-1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
HOSTNAME=test-rockylinux8-amd64-1
TYPE=Ethernet
MTU=
DHCP_HOSTNAME=test-rockylinux8-amd64-1
IPV6INIT=yes

which is handled by the /etc/rc.d/init.d/network script (though it is started by systemd).

stgraber commented 7 months ago

Most likely related to the use of macvlan.

We do have automated testing of all our images which confirm their networking to be functional on standard bridge networking prior to publishing.

dimitry-unified-streaming commented 7 months ago

Indeed my default profile had macvlan, and since I found out (first from experience, then from the docs) that you can't reach containers on the same host, I switched the default profile to bridge. Now it does work:

$ incus profile show default
config: {}
description: Default Incus profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: br200
    type: nic
  root:
    path: /
    pool: local
    type: disk
...

$ incus launch images:rockylinux/9 test-rocky9-1
Launching test-rocky9-1
...

$ incus list
+---------------------+---------+---------------------+------+-----------+-----------+------------------------+
|        NAME         |  STATE  |        IPV4         | IPV6 |   TYPE    | SNAPSHOTS |        LOCATION        |
+---------------------+---------+---------------------+------+-----------+-----------+------------------------+
| test-rocky9-1       | RUNNING | 10.200.0.97 (eth0)  |      | CONTAINER | 0         | ubuntu22-amd64-incus-1 |
+---------------------+---------+---------------------+------+-----------+-----------+------------------------+
stgraber commented 7 months ago

Right, so our config is likely perfectly correct but NetworkManager must have some issue when running on top of a macvlan device for some reason.