Bug 1832603
| Summary: | NetworkManager can not manage veth devices in containers (device lo not available because device is strictly unmanaged) | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Joachim von Thadden <j.thadden> |
| Component: | NetworkManager | Assignee: | sushil kulkarni <sukulkar> |
| Status: | CLOSED WORKSFORME | QA Contact: | Desktop QE <desktop-qa-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.4 | CC: | acardace, atragler, bgalvani, btds, lrintel, rkhan, sukulkar, thaller, till |
| Target Milestone: | rc | ||
| Target Release: | 8.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-05-07 12:09:45 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
I have no idea why, but I can not reproduce my own bug, so I am closing it for now. Seems that there are states possible where NM is refusing to manage interfaces, but I can not reproduce how I got there. |
Description of problem: When running in a container (e.g. lxc) the ehternet devices are represented by a pair of veth devices. Normally nm refuses to manage those devices as they are managed outside nm by default. It does so by bundled usev rules in /usr/lib/udev/rules.d/85-nm-unmanaged.rules which has: ENV{ID_NET_DRIVER}=="veth", ENV{NM_UNMANAGED}="1" Note that inside a container, no udev is available and consequently veth devices are not marked as unmanaged -- that is intended because in a container we want to manage veth devices. Nevertheless, all devices in a e.g. lxc container are unmanaged and not able to change that: # nmcli enp94s0f0: unmanaged "enp94s0f0" ethernet (veth), 00:16:3E:0D:C2:69, sw, mtu 1500 enp94s0f1: unmanaged "enp94s0f1" ethernet (veth), 00:16:3E:8C:99:1F, sw, mtu 1500 enp97s0f0: unmanaged "enp97s0f0" ethernet (veth), 00:16:3E:DD:D1:C7, sw, mtu 1500 # nmcli dev set enp97s0f0 managed yes Log: May 06 23:17:08 iac44-rhv1.rhv44.infra-as-code.org NetworkManager[2951]: <info> [1588799828.4015] audit: op="device-managed" arg="managed" pid=3206 uid=0 result="success" # nmcli con up enp97s0f0 Error: Connection activation failed: No suitable device found for this connection (device lo not available because device is strictly unmanaged). Log: May 06 23:18:03 iac44-rhv1.rhv44.infra-as-code.org NetworkManager[2951]: <info> [1588799883.0654] agent-manager: agent[46e4f4ceb4aeb40c,:1.201/nmcli-connect/0]: agent registered May 06 23:18:03 iac44-rhv1.rhv44.infra-as-code.org NetworkManager[2951]: <info> [1588799883.0666] audit: op="connection-activate" uuid="e7755f47-96b0-471b-9279-50c82ffb8ab2" name="enp97s0f0" result="fail" reason="No suitable device found for this connection (device lo not available because device is strictly unmanaged)." For sure changing the udev rules or adding another one makes no difference here. Note that this is working in a RHEL7 machine with latest updates. Version-Release number of selected component (if applicable): NetworkManager-1.22.8-4.el8.x86_64 How reproducible: always Steps to Reproduce: 1. install RHEL8 in a container, e.g. lxc 2. use nmcli to create and enable an interface 3. enabling is not working as device is "strictly unmanaged" Actual results: Device can not be managed with NetworkManager and thus the whole container is not reboot safe. Expected results: Device can be managed with NetworkManager within containers. Additional info: