Bug 1656463
| Summary: | LXC container can't start after upgrade from 3.9.0 to 4.5.0: "Unsupported net type direct" | ||
|---|---|---|---|
| Product: | [Community] Virtualization Tools | Reporter: | Maxim <kolomaxes> |
| Component: | libvirt | Assignee: | Laine Stump <laine> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | unspecified | CC: | laine, libvirt-maint, tburke |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-12-08 18:04:22 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
I noticed this awhile back when I tried to start one of my test LXC domains while working on something else, but didn't have time to investigate, and then forgot. With this reminder (and pointer right to the offending code) I made a patch and was able to quickly test it with my at-the-ready test config, and posted it upstream: https://www.redhat.com/archives/libvir-list/2018-December/msg00120.html V2 pushed upstream, will be in libvirt 5.0.0:
commit c55ff370f8306718d5fa8515b907fd87b456dc12
Author: Laine Stump <laine>
Date: Thu Dec 6 09:59:59 2018 -0500
lxc: don't forbid <interface type='direct'>
|
Description of problem: At least in libvirt 4.5.0 lxc container not start with error "Unsupported net type direct" Version-Release number of selected component (if applicable): Name : libvirt Arch : x86_64 Version : 4.5.0 Release : 10.el7_6.3 Size : 0.0 Repo : installed From repo : updates How reproducible: see below Steps to Reproduce: 1. Make lxc container test1 with next interface sections in config: <interface type='direct'> <mac address='02:00:00:00:00:01'/> <source dev='eno1.777' mode='bridge'/> </interface> 2. virsh start test1 Actual results: Container not start Expected results: Container started Additional info: Centos 7.5 was upgrade to Centos 7.6 Version libvirt changes from 3.9.0 to 4.5.0 After upgrade from Centos 7.5 to Centos 7.6, our test environment received new version of libvirt 4.5.0 After this our old containers have broken config and can't start: 2018-12-05 10:38:32.634+0000: 18010: debug : virLXCControllerGetNICIndexes:368 : Getting nic indexes 2018-12-05 10:38:32.634+0000: 18010: error : virLXCControllerGetNICIndexes:400 : unsupported configuration: Unsupported net type direct Failure in libvirt_lxc startup: unsupported configuration: Unsupported net type direct We use linux macvlan solutions for libvirt lxc and it's worked at least since libvirt 1.2.7 for us. As I can see, in version 4.1.0 and later, some changes about DIRECT connect was implemented. VIR_DOMAIN_NET_TYPE_DIRECT is still fully supported in src/lxc/lxc_driver.c But in src/lxc/lxc_controller.c added some check for group of NET_TYPE: --- libvirt-3.9.0/src/lxc/lxc_controller.c 2017-09-28 13:15:43.322712913 +0300 +++ libvirt-4.1.0/src/lxc/lxc_controller.c 2018-02-28 16:21:05.158799006 +0300 @@ -395,8 +395,14 @@ case VIR_DOMAIN_NET_TYPE_INTERNAL: case VIR_DOMAIN_NET_TYPE_DIRECT: case VIR_DOMAIN_NET_TYPE_HOSTDEV: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unsupported net type %s"), + virDomainNetTypeToString(ctrl->def->nets[i]->type)); + goto cleanup; + case VIR_DOMAIN_NET_TYPE_LAST: default: - break; + virReportEnumRangeError(virDomainNetType, ctrl->def->nets[i]->type); + goto cleanup; } } As workaround we can create autostart and persistence network: <network> <name>direct-macvlan</name> <forward mode="bridge"> <interface dev="eno1.777"/> </forward> </network> and use type=network in lxc config, like this: <interface type='network'> <mac address='02:00:00:00:00:01'/> <source network='direct-macvlan'/> <target dev='eth0'/> </interface> After this container with macvlan started.