[Bug 1863873] Re: Systemd fails to configure bridged network in LXC container

xavier 1863873 at bugs.launchpad.net
Thu Feb 20 15:09:32 UTC 2020 

The problem is also present in privileged LXC containers. Example with
full LXC configuration below, on a host with a custom 5.4.13 kernel.

# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf

# For Ubuntu 14.04
lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
lxc.mount.entry = mqueue dev/mqueue mqueue rw,relatime,create=dir,optional 0 0
lxc.include = /usr/share/lxc/config/userns.conf

# For Ubuntu 14.04
lxc.mount.entry = /sys/firmware/efi/efivars sys/firmware/efi/efivars none bind,optional 0 0
lxc.mount.entry = /proc/sys/fs/binfmt_misc proc/sys/fs/binfmt_misc none bind,optional 0 0
lxc.arch = linux64
lxc.hook.pre-start = /usr/local/share/lxc/hooks/pre-start.sh vps526706
lxc.hook.post-stop = /usr/local/share/lxc/hooks/post-stop.sh vps526706
lxc.hook.destroy = /usr/local/share/lxc/hooks/destroy.sh vps526706
lxc.mount.fstab = /lxc/vps526706/fstab
lxc.rootfs.path = dir:/lxc/vps526706/rootfs
lxc.uts.name = vps526706

# Network configuration
lxc.net.0.type = veth
lxc.net.0.veth.pair = vps526706
lxc.net.0.flags = up
lxc.net.0.link = br0
lxc.net.0.hwaddr = 02:00:00:52:67:06
lxc.net.0.name = eth0
lxc.net.0.ipv4.gateway = 192.168.252.1
lxc.net.0.ipv4.address = 192.168.252.171/32

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1863873

Title:
  Systemd fails to configure bridged network in LXC container

Status in systemd package in Ubuntu:
  Incomplete

Bug description:
  In all our unprivileged LXC containers running Bionic Beaver,
  installing systemd 237-3ubuntu10.39 results in losing network
  configuration.

  It is still possible to configure the network "by hand" with
  /usr/sbin/ip, but of course, the configuration is lost at reboot.

  Hosts:

  Debian Buster
  custom 5.3.9, 5.4.8 or 5.4.13 kernel

  Example container network configuration:

  lxc.net.0.type = veth
  lxc.net.0.veth.pair = vps525389
  lxc.net.0.flags = up
  lxc.net.0.link = br0
  lxc.net.0.hwaddr = 02:00:00:52:53:89
  lxc.net.0.name = eth0
  lxc.net.0.ipv4.gateway = 192.168.252.1
  lxc.net.0.ipv4.address = 192.168.252.177/32

  Steps to reproduce, inside the container:

  root at vps525389:~# lsb_release -rd
  Description:    Ubuntu 18.04.4 LTS
  Release:        18.04
  root at vps525389:~# apt-cache policy systemd
  systemd:
    Installed: 237-3ubuntu10.38
    Candidate: 237-3ubuntu10.39
    Version table:
       237-3ubuntu10.39 500
          500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
   *** 237-3ubuntu10.38 500
          500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
          100 /var/lib/dpkg/status
       237-3ubuntu10 500
          500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages
  root at vps525389:~# ip a
  1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      inet 127.0.0.1/8 scope host lo
         valid_lft forever preferred_lft forever
      inet6 ::1/128 scope host
         valid_lft forever preferred_lft forever
  1958: eth0 at if1959: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
      link/ether 02:00:00:52:53:89 brd ff:ff:ff:ff:ff:ff link-netnsid 0
      inet 192.168.252.177/32 brd 255.255.255.255 scope global eth0
         valid_lft forever preferred_lft forever
      inet6 xxxx:xxxx:x:xx::x:xxxx/128 scope global
         valid_lft forever preferred_lft forever
      inet6 xxxx::xx:xxxx:xxxx/64 scope link
         valid_lft forever preferred_lft forever
  root at vps525389:~# apt install systemd
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  The following additional packages will be installed:
    libnss-systemd libpam-systemd libsystemd0
  Suggested packages:
    systemd-container policykit-1
  The following packages will be upgraded:
    libnss-systemd libpam-systemd libsystemd0 systemd
  4 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
  Need to get 3330 kB of archives.
  After this operation, 7168 B of additional disk space will be used.
  Do you want to continue? [Y/n]
  Get:1 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libnss-systemd amd64 237-3ubuntu10.39 [104 kB]
  Get:2 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libpam-systemd amd64 237-3ubuntu10.39 [107 kB]
  Get:3 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 systemd amd64 237-3ubuntu10.39 [2912 kB]
  Get:4 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libsystemd0 amd64 237-3ubuntu10.39 [206 kB]
  Fetched 3330 kB in 3s (1274 kB/s)
  (Reading database ... 18195 files and directories currently installed.)
  Preparing to unpack .../libnss-systemd_237-3ubuntu10.39_amd64.deb ...
  Unpacking libnss-systemd:amd64 (237-3ubuntu10.39) over (237-3ubuntu10.38) ...
  Preparing to unpack .../libpam-systemd_237-3ubuntu10.39_amd64.deb ...
  Unpacking libpam-systemd:amd64 (237-3ubuntu10.39) over (237-3ubuntu10.38) ...
  Preparing to unpack .../systemd_237-3ubuntu10.39_amd64.deb ...
  Unpacking systemd (237-3ubuntu10.39) over (237-3ubuntu10.38) ...
  Preparing to unpack .../libsystemd0_237-3ubuntu10.39_amd64.deb ...
  Unpacking libsystemd0:amd64 (237-3ubuntu10.39) over (237-3ubuntu10.38) ...
  Setting up libsystemd0:amd64 (237-3ubuntu10.39) ...
  Setting up systemd (237-3ubuntu10.39) ...
  Setting up libnss-systemd:amd64 (237-3ubuntu10.39) ...
  Setting up libpam-systemd:amd64 (237-3ubuntu10.39) ...
  Processing triggers for dbus (1.12.2-1ubuntu1.1) ...
  Processing triggers for libc-bin (2.27-3ubuntu1) ...
  root at vps525389:~# ip a
  1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      inet 127.0.0.1/8 scope host lo
         valid_lft forever preferred_lft forever
      inet6 ::1/128 scope host
         valid_lft forever preferred_lft forever
  1958: eth0 at if1959: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
      link/ether 02:00:00:52:53:89 brd ff:ff:ff:ff:ff:ff link-netnsid 0
      inet6 fe80::ff:fe52:5389/64 scope link
         valid_lft forever preferred_lft forever

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1863873/+subscriptions

More information about the foundations-bugs mailing list