Static IP in container
arnaud gaboury
2014-03-01 08:18:15 UTC
I successfully set up an Arch container managed by systemd-nspawn.

I have an issue setting an IP for the container.

My host is Arch, running custom Kernel 3.13.5-1 (userspace is set) and
systemd-git (last updated yesterday evening).
dhcpcd.service is disabled and network is started with these profiles:
*************
Description="Bridge connection to container"
Interface=br0
Connection=bridge
BindsToInterfaces=()
IP=no
SkipNoCarrier=yes
*********************
NB : I tried with IP=static Adress='192.168.1.94/24' but nothing changes
****************
Description='hortensia static ethernet connection'
Interface=enp7s0
Connection=ethernet
After=(bridge-hortensia)
IP=static
Address=('192.168.1.87/24')
Gateway='192.168.1.254'
DNS=('212.147.10.180' '212.147.10.162')
*********************

Any other profiles will break the network on host and/or container

Some command outputs:

***@hortensia ➀➀ ~ % ip addr
2: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.87/24 brd 192.168.1.255 scope global enp7s0
valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UNKNOWN group default
link/ether 66:c3:60:92:5f:2c brd ff:ff:ff:ff:ff:ff
*********
***@hortensia ➀➀ /etc/netctl % ip route
default via 192.168.1.254 dev enp7s0
192.168.1.0/24 dev enp7s0 proto kernel scope link src 192.168.1.87
***************

Now I enabled systemd-network with these two files:
70-dahlia.netdev
*************
[Match]
Host=77f348a2b3fb429b85a5de751ea9175a <<< /etc/machine-id in container
Virtualization=systemd-nspawn

[NetDev]
Name=br0
Kind=bridge

80-dahlia.network
*****************
[Match]
Virtualization=container
MACAddress=fa:2c:eb:75:bd:a4 <<< container MAC address

[Network]
DHCP=no
DNS=192.168.1.254

[Address]
Address=192.168.1.94/24

[Route]
Gateway=192.168.1.254
*********************************

I start the container this way :
# systemd-nspawn --machine=dahlia -bD /dahlia

Container network is up, but no IP assigned, as returned by ip addr

# systemd-nspawn --machine=dahlia --network-veth --network-bridge=br0 -bD
/dahlia >>>> no network inside container
# systemd-nspawn --machine=dahlia --network-bridge=br0 -bD /dahlia >>>no
network inside container

I certainly miss something, but do not know what.

Thank you for help/hints.
Tom Gundersen
2014-03-01 13:04:03 UTC
Post by arnaud gaboury
I successfully set up an Arch container managed by systemd-nspawn.
I have an issue setting an IP for the container.
My host is Arch, running custom Kernel 3.13.5-1 (userspace is set) and
systemd-git (last updated yesterday evening).
*************
Description="Bridge connection to container"
Interface=br0
Connection=bridge
BindsToInterfaces=()
IP=no
SkipNoCarrier=yes
*********************
NB : I tried with IP=static Adress='192.168.1.94/24' but nothing changes
****************
Description='hortensia static ethernet connection'
Interface=enp7s0
Connection=ethernet
After=(bridge-hortensia)
IP=static
Address=('192.168.1.87/24')
Gateway='192.168.1.254'
DNS=('212.147.10.180' '212.147.10.162')
*********************
Any other profiles will break the network on host and/or container
2: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP group default qlen 1000
link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.87/24 brd 192.168.1.255 scope global enp7s0
valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UNKNOWN group default
link/ether 66:c3:60:92:5f:2c brd ff:ff:ff:ff:ff:ff
*********
default via 192.168.1.254 dev enp7s0
192.168.1.0/24 dev enp7s0 proto kernel scope link src 192.168.1.87
***************
70-dahlia.netdev
*************
[Match]
Host=77f348a2b3fb429b85a5de751ea9175a <<< /etc/machine-id in container
Virtualization=systemd-nspawn
[NetDev]
Name=br0
Kind=bridge
80-dahlia.network
*****************
[Match]
Virtualization=container
MACAddress=fa:2c:eb:75:bd:a4 <<< container MAC address

You mean the MAC address of the 'host0' device? This will not be
stable between reboots of the container, so I guess this won't work
(you can verify with "ip link"). I suggest simply matching on the name
instead: "Name=host0". I'll put on our TODO to set persistent MAC
addresses for these devices (assuming we can figure out a stable way
to generate them).

To get some more details, you could try starting networkd manually
(inside the container) in debug mode. It should then print whenever a
matching .network file is found for a given device:

# SYSTEMD_LOG_LEVEL=debug /lib/systemd/systemd-networkd

Post by arnaud gaboury
[Network]
DHCP=no
DNS=192.168.1.254
[Address]
Address=192.168.1.94/24
[Route]
Gateway=192.168.1.254
*********************************
# systemd-nspawn --machine=dahlia -bD /dahlia
Container network is up, but no IP assigned, as returned by ip addr
# systemd-nspawn --machine=dahlia --network-veth --network-bridge=br0 -bD
/dahlia >>>> no network inside container
# systemd-nspawn --machine=dahlia --network-bridge=br0 -bD /dahlia >>>no
network inside container
I certainly miss something, but do not know what.
Thank you for help/hints.
arnaud gaboury
2014-03-01 13:28:43 UTC
Post by Tom Gundersen
You mean the MAC address of the 'host0' device? This will not be
stable between reboots of the container, so I guess this won't work
(you can verify with "ip link").

You are right, this address changes across reboot. I get rid of this line.

Post by Tom Gundersen
I suggest simply matching on the name
instead: "Name=host0".

I have a problem with this host0. On container, no host0 listed. If I
remember correctly, I shall start systemd-nspawn with some more options,
like --network-veth, right ?

Post by Tom Gundersen
To get some more details, you could try starting networkd manually
(inside the container) in debug mode. It should then print whenever a

hum hum. Maybe the problem comes from this : the host runs systemd-git, BUT
the container systemd 208 !! This could explain my troubles ?
Tom Gundersen
2014-03-01 13:53:35 UTC
Post by arnaud gaboury
Post by Tom Gundersen
I suggest simply matching on the name
instead: "Name=host0".
I have a problem with this host0. On container, no host0 listed. If I
remember correctly, I shall start systemd-nspawn with some more options, like
--network-veth, right ?

No, --network-bridge=br0 means that a pair of veth devices are created
(host0 inside the container and vb-* outside), and the vb-* is added
to your bridge br0. So you should really have host0 in the container
with this option. However, if you don't, which device did this mac
address you used to match on come from?
Post by arnaud gaboury
Post by Tom Gundersen
To get some more details, you could try starting networkd manually
(inside the container) in debug mode. It should then print whenever a
hum hum. Maybe the problem comes from this : the host run systemd-git, BUT
the container systemd 208 !! This could explain my troubles ?

Yeah, this won't work, as networkd will not be in your container, so
it can't set up your ip address...

Cheers,

Tom
arnaud gaboury
2014-03-01 14:26:55 UTC
Post by Tom Gundersen
No, --network-bridge=br0 means that a pair of veth devices are created
(host0 inside the container and vb-* outside), and the vb-* is added
to your bridge br0. So you should really have host0 in the container
with this option. However, if you don't, which device did this mac
address you used to match on come from?
Yeah, this won't work, as networkd will not be in your container, so
it can't set up your ip address...
Cheers,
Tom

I will maybe see the light then !
I am still confused about what shall be done in the host machine, and what
in the container.
Let's go systemd -git and --network-bridge= br0
arnaud gaboury
2014-03-01 16:24:53 UTC
Post by arnaud gaboury
Post by Tom Gundersen
No, --network-bridge=br0 means that a pair of veth devices are created
(host0 inside the container and vb-* outside), and the vb-* is added
to your bridge br0. So you should really have host0 in the container
with this option. However, if you don't, which device did this mac
address you used to match on come from?
Yeah, this won't work, as networkd will not be in your container, so
it can't set up your ip address...
Cheers,
Tom
I will maybe see the light then !
I am still confused about what shall be done in the host machine, and what in the container.
Let's go systemd -git and --network-bridge= br0

I am nearly done.

On host side :
**** /etc/systemd/network/70-dahlia.netdev
[Match]
Host=host0
Virtualization=container

[NetDev]
Name=br0
Kind=bridge

[Match]
Virtualization=container

*** /etc/systemd/network/80-dahlia.network
[Network]
DHCP=no
DNS=('212.147.10.162' '212.147.10.180')


[Address]
Address=192.168.1.94/24

[Route]
Gateway=192.168.1.254
**********
Start the container
# sudo systemd-nspawn --machine=dahlia --network-bridge=br0 -bD /dahlia

On host :

***@hortensia ➤➤ systemd/network % ip addr
2: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.87/24 brd 192.168.1.255 scope global enp7s0
valid_lft forever preferred_lft forever
3: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN group default
link/ether 7a:21:78:cc:bc:a9 brd ff:ff:ff:ff:ff:ff
8: vb-dahlia: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master br0
state DOWN group default qlen 1000
link/ether 7a:21:78:cc:bc:a9 brd ff:ff:ff:ff:ff:ff

Now on Container:

***@dahlia ➤➤ ~ % ip addr
2: host0: <NO-CARRIER,BROADCAST,ALLMULTI,AUTOMEDIA,NOTRAILERS,UP> mtu
1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 3a:4f:1f:c5:b5:d1 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.94/24 brd 192.168.1.255 scope global host0 <<<< IP
is finally here
valid_lft forever preferred_lft forever
***@dahlia ➤➤ ~ % ip route
default via 192.168.1.254 dev host0
192.168.1.0/24 dev host0 proto kernel scope link src 192.168.1.94


BUT
***@dahlia ➤➤ ~ % ping -c 3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
arnaud gaboury
2014-03-03 10:35:13 UTC
**** /etc/systemd/network/70-dahlia.netdev ***
[Match]
Host=host0
Virtualization=container
[NetDev]
Name=br0
Kind=bridge
[Match]
Virtualization=container
*** /etc/systemd/network/80-dahlia.network ***
[Network]
DHCP=no
DNS=192.168.1.254
[Address]
Address=192.168.1.94/24
[Route]
Gateway=192.168.1.254
-----------------------------------
Start the container
# sudo systemd-nspawn --machine=dahlia --network-bridge=br0 -bD /dahlia
*** On host : ***
2: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.87/24 brd 192.168.1.255 scope global enp7s0
valid_lft forever preferred_lft forever
3: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN group default
link/ether 7a:21:78:cc:bc:a9 brd ff:ff:ff:ff:ff:ff
8: vb-dahlia: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master br0
state DOWN group default qlen 1000
link/ether 7a:21:78:cc:bc:a9 brd ff:ff:ff:ff:ff:ff
*** on Container: ***
On container, I have of course systemd-networkd enabled, and no files in /etc/systemd/networkd
2: host0: <NO-CARRIER,BROADCAST,ALLMULTI,AUTOMEDIA,NOTRAILERS,UP> mtu
1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 3a:4f:1f:c5:b5:d1 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.94/24 brd 192.168.1.255 scope global host0
valid_lft forever preferred_lft forever
default via 192.168.1.254 dev host0
192.168.1.0/24 dev host0 proto kernel scope link src 192.168.1.94
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
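
The host-side `ip addr` output in the last post can be checked mechanically for link-state problems. The following is an added example, not part of the thread: it parses that output and reports bridge ports without the UP flag, a bridge without carrier, and an uplink that is not a port of the bridge. `parse_links` and `diagnose_bridge` are hypothetical helper names, and the sample text is constructed from the posted output.

```python
import re

# Constructed sample: the host-side `ip addr` output posted in the thread,
# with the wrapped lines rejoined.
HOST_IP_ADDR = """\
2: enp7s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 14:da:e9:b5:7a:88 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.87/24 brd 192.168.1.255 scope global enp7s0
3: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 7a:21:78:cc:bc:a9 brd ff:ff:ff:ff:ff:ff
8: vb-dahlia: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master br0 state DOWN group default qlen 1000
    link/ether 7a:21:78:cc:bc:a9 brd ff:ff:ff:ff:ff:ff
"""

HEADER = re.compile(r"^\d+:\s+([^:@\s]+)(?:@\S+)?:\s+<([^>]*)>(.*)$")

def parse_links(text):
    """Return {ifname: {"flags": set, "master": str or None, "addrs": [cidr]}}."""
    links, cur = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            name, flags, rest = m.groups()
            master = re.search(r"\bmaster (\S+)", rest)
            cur = links[name] = {"flags": set(flags.split(",")),
                                 "master": master.group(1) if master else None,
                                 "addrs": []}
        elif cur is not None and line.strip().startswith("inet "):
            cur["addrs"].append(line.split()[1])
    return links

def diagnose_bridge(links, bridge, uplink):
    """List link-state reasons why bridge ports cannot reach the uplink's LAN."""
    findings = []
    ports = [n for n, l in links.items() if l["master"] == bridge]
    if not ports:
        findings.append(f"{bridge} has no ports")
    for p in ports:
        if "UP" not in links[p]["flags"]:
            findings.append(f"{p} is administratively down (no UP flag)")
    if "NO-CARRIER" in links[bridge]["flags"]:
        findings.append(f"{bridge} has no carrier: no port is up")
    if links[uplink]["master"] != bridge:
        findings.append(f"{uplink} is not a port of {bridge}")
    return findings

if __name__ == "__main__":
    for f in diagnose_bridge(parse_links(HOST_IP_ADDR), "br0", "enp7s0"):
        print(f)
```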