RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1832603 - NetworkManager can not manage veth devices in containers (device lo not available because device is strictly unmanaged)
Summary: NetworkManager can not manage veth devices in containers (device lo not avail...
Keywords:
Status: CLOSED WORKSFORME
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: NetworkManager
Version: 8.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 8.0
Assignee: sushil kulkarni
QA Contact: Desktop QE
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-05-06 21:22 UTC by Joachim von Thadden
Modified: 2023-03-10 22:56 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-05-07 12:09:45 UTC
Type: Bug
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker NMT-376 0 None None None 2023-03-10 22:56:45 UTC

Description Joachim von Thadden 2020-05-06 21:22:29 UTC
Description of problem:

When running in a container (e.g. lxc) the ehternet devices are represented by a pair of veth devices. Normally nm refuses to manage those devices as they are managed outside nm by default. It does so by bundled usev rules in /usr/lib/udev/rules.d/85-nm-unmanaged.rules which has:
ENV{ID_NET_DRIVER}=="veth", ENV{NM_UNMANAGED}="1"

Note that inside a container, no udev is available and consequently veth devices are not marked as unmanaged -- that is intended because in a container we want to manage veth devices. Nevertheless, all devices in a e.g. lxc container are unmanaged and not able to change that:

# nmcli 
enp94s0f0: unmanaged
        "enp94s0f0"
        ethernet (veth), 00:16:3E:0D:C2:69, sw, mtu 1500

enp94s0f1: unmanaged
        "enp94s0f1"
        ethernet (veth), 00:16:3E:8C:99:1F, sw, mtu 1500

enp97s0f0: unmanaged
        "enp97s0f0"
        ethernet (veth), 00:16:3E:DD:D1:C7, sw, mtu 1500


# nmcli dev set enp97s0f0 managed yes

Log:
May 06 23:17:08 iac44-rhv1.rhv44.infra-as-code.org NetworkManager[2951]: <info>  [1588799828.4015] audit: op="device-managed" arg="managed" pid=3206 uid=0 result="success"

# nmcli con up enp97s0f0
Error: Connection activation failed: No suitable device found for this connection (device lo not available because device is strictly unmanaged).

Log:
May 06 23:18:03 iac44-rhv1.rhv44.infra-as-code.org NetworkManager[2951]: <info>  [1588799883.0654] agent-manager: agent[46e4f4ceb4aeb40c,:1.201/nmcli-connect/0]: agent registered
May 06 23:18:03 iac44-rhv1.rhv44.infra-as-code.org NetworkManager[2951]: <info>  [1588799883.0666] audit: op="connection-activate" uuid="e7755f47-96b0-471b-9279-50c82ffb8ab2" name="enp97s0f0" result="fail" reason="No suitable device found for this connection (device lo not available because device is strictly unmanaged)."


For sure changing the udev rules or adding another one makes no difference here. Note that this is working in a RHEL7 machine with latest updates.


Version-Release number of selected component (if applicable):
NetworkManager-1.22.8-4.el8.x86_64

How reproducible:
always

Steps to Reproduce:
1. install RHEL8 in a container, e.g. lxc
2. use nmcli to create and enable an interface
3. enabling is not working as device is "strictly unmanaged"

Actual results:
Device can not be managed with NetworkManager and thus the whole container is not reboot safe.

Expected results:
Device can be managed with NetworkManager within containers.

Additional info:

Comment 2 Joachim von Thadden 2020-05-07 12:09:45 UTC
I have no idea why, but I can not reproduce my own bug, so I am closing it for now.

Seems that there are states possible where NM is refusing to manage interfaces, but I can not reproduce how I got there.


Note You need to log in before you can comment on or make changes to this bug.