Bug 1656463 - LXC container can't start after upgrade from 3.9.0 to 4.5.0: "Unsupported net type direct"
Summary: LXC container can't start after upgrade from 3.9.0 to 4.5.0: "Unsupported net...
Status: CLOSED NEXTRELEASE
Alias: None
Product: Virtualization Tools
Classification: Community
Component: libvirt   
(Show other bugs)
Version: unspecified
Hardware: x86_64 Linux
unspecified
low
Target Milestone: ---
Assignee: Laine Stump
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-12-05 15:11 UTC by Maxim
Modified: 2018-12-08 18:04 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-12-08 18:04:22 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Maxim 2018-12-05 15:11:33 UTC
Description of problem:
At least in libvirt 4.5.0 lxc container not start with error
"Unsupported net type direct"

Version-Release number of selected component (if applicable):
Name        : libvirt
Arch        : x86_64
Version     : 4.5.0
Release     : 10.el7_6.3
Size        : 0.0  
Repo        : installed
From repo   : updates

How reproducible:
see below 

Steps to Reproduce:
1.
Make lxc container test1 with next interface sections in config:
<interface type='direct'>
      <mac address='02:00:00:00:00:01'/>
      <source dev='eno1.777' mode='bridge'/>
</interface>
2.
virsh start test1

Actual results:
Container not start

Expected results:
Container started

Additional info:
Centos 7.5 was upgrade to Centos 7.6
Version libvirt changes from 3.9.0 to 4.5.0
After upgrade from Centos 7.5 to Centos 7.6, our test environment
received new version of libvirt 4.5.0
After this our old containers have broken config and can't start:
2018-12-05 10:38:32.634+0000: 18010: debug :
virLXCControllerGetNICIndexes:368 : Getting nic indexes
2018-12-05 10:38:32.634+0000: 18010: error :
virLXCControllerGetNICIndexes:400 : unsupported configuration:
Unsupported net type direct
Failure in libvirt_lxc startup: unsupported configuration: Unsupported
net type direct

We use linux macvlan solutions for libvirt lxc and it's worked at least since libvirt 1.2.7 for us.
As I can see, in version 4.1.0 and later, some changes about DIRECT
connect was implemented.
VIR_DOMAIN_NET_TYPE_DIRECT is  still fully supported in src/lxc/lxc_driver.c
But in src/lxc/lxc_controller.c added some check for group of NET_TYPE:

--- libvirt-3.9.0/src/lxc/lxc_controller.c      2017-09-28
13:15:43.322712913 +0300
+++ libvirt-4.1.0/src/lxc/lxc_controller.c      2018-02-28
16:21:05.158799006 +0300
@@ -395,8 +395,14 @@
         case VIR_DOMAIN_NET_TYPE_INTERNAL:
         case VIR_DOMAIN_NET_TYPE_DIRECT:
         case VIR_DOMAIN_NET_TYPE_HOSTDEV:
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("Unsupported net type %s"),
+                           virDomainNetTypeToString(ctrl->def->nets[i]->type));
+            goto cleanup;
+        case VIR_DOMAIN_NET_TYPE_LAST:
         default:
-            break;
+            virReportEnumRangeError(virDomainNetType,
ctrl->def->nets[i]->type);
+            goto cleanup;
         }
     }

As workaround we can create autostart and persistence network:
<network>
  <name>direct-macvlan</name>
  <forward mode="bridge">
    <interface dev="eno1.777"/>
  </forward>
</network>

and use type=network in lxc config, like this:

   <interface type='network'>
      <mac address='02:00:00:00:00:01'/>
      <source network='direct-macvlan'/>
      <target dev='eth0'/>
    </interface>

After this container with macvlan started.

Comment 1 Laine Stump 2018-12-06 02:37:35 UTC
I noticed this awhile back when I tried to start one of my test LXC domains while working on something else, but didn't have time to investigate, and then forgot. With this reminder (and pointer right to the offending code) I made a patch and was able to quickly test it with my at-the-ready test config, and posted it upstream:

https://www.redhat.com/archives/libvir-list/2018-December/msg00120.html

Comment 2 Laine Stump 2018-12-08 18:04:22 UTC
V2 pushed upstream, will be in libvirt 5.0.0:

commit c55ff370f8306718d5fa8515b907fd87b456dc12
Author: Laine Stump <laine@laine.org>
Date:   Thu Dec 6 09:59:59 2018 -0500

    lxc: don't forbid <interface type='direct'>


Note You need to log in before you can comment on or make changes to this bug.