systemd-nspawn veth and bridge not working

Hi,

I try to use systemd-nspawn to start a centos7 container on 13.2, this does work.

sudo systemd-nspawn -D centos-7-x86_64 -b

If I try to use --network-veth or --network-bridge I get

Failed to append netlink kind: Operation not supported

nothing in the journal.

the main interface is a wlan interface maybe this is the problem, but with fedora 21 beta it does work (systemd 216)

Sadly the systemd version is not recent (>210)… so I can not use --network-macvlan

regards flo

I’m not sure how easily systemd-nspawn can do what you are trying to do, are you following any kind of guide?

My personal use of systemd-nspawn has been purely as a chroot replacement, and it works really well.

If you are trying to launch an entire container, I’d instead recommend running Docker which is the latest and highly recommended way to run Linux Containers.

Here are links on what I wrote about Docker for 13.1.
All should apply to 13.2 as well.
Only modification I haven’t made to my wiki pages is that I recommend you install using the Main Update repository instead of the Virtualization repo… after all, you probably would want to run “zypper up” anyway to get the latest packages anyway…
http://en.opensuse.org/User:Tsu2#Docker

Also, I initiated this thread which describes Docker in the FAQ
https://forums.opensuse.org/showthread.php/500072-How-to-Docker-on-openSUSE

If you have any other questions running systemd-nspawn or Docker, I’d recommend you post in the Virtualization or Application forums instead of the Networking forum.

TSU

yes i follow the systemd-nspawn man page

thx for the recommendation but I explicitly do not want to use Docker,

OK, this is a systemd-nspawn feature I haven’t done before, but after reading the MAN pages it looks like this new(?) implementation of networking is very similar to what exists in Docker which is slightly different than traditional virtual networking.

First, regarding macvlan…
It has been part of the standard Linux kernel for many years now. If you <really> want to implement explicitly, it might still be possible to manually configure… a search for “/etc/network/interfaces macvlan” returns many results which can be tried. IIRC macvlan’s special feature is support for wireless networking, but even so nowadays it might be possible to use <any> kind of networking without using macvlan directly (other methods may use it for you without special configuration).

But, IMO based on the nspawn MAN pages, it looks like networking should be configured without a major issue.
I would recommend possibly easiest…

  1. Configure a Linux Bridge device. There are many ways to do this, it doesn’t matter how you do it. Once created, it’s available for <any> virtualization including linux containers and now seems to include systemd-nspawn. Various ways to create include

     - YAST - Very easy, from “Network Devices” add a “New” “bridge” and follow the instructions. Creates bridges with default “br0” type names
     - Command line
     - Libvirt - Using vm manager, you create bridge names with “virbr0” style names. Advantage of libvirt is the ability to create options easily, like DHCP, various network configurations including NAT/Bridge/Private, more.
     - VBox, VMware Workstation, etc - All come with management utilities which easily create and manage virtual networks. So, for instance if you <already> have one of these installed, just use the bridge devices already created.

Whatever method you use to create a bridge device, you will likely want to use the brctl command to display and manage devices from the command line. This is completely cross-virtualization technology and displays/manages all bridge devices no matter how and where they were created.

  2. Once the bridge device is created, then you only need to configure your nspawn container to use that bridge device. Note that any number of containers and virtual machines can use the same bridge device, you don’t necessarily need to create a different bridge device for each machine. I’d have to look closer at the nspawn implementation to verify it’s consistent with general use that the bridge device is only the HostOS side which describes only the network and is not network address specific. If this is the case then the network interface in the container has the actual network configuration (address, routes, DG and more).

More than likely one of the following should then work in the nspawn invoking command
--network-interface=
--network-bridge=

HTH,
TSU
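
The two steps from the post above, written with iproute2 and sysfs checks, as an added example that is not part of any post in this thread. It is a dry run that only prints the host-side commands; the function names and the `SYSFS_NET` override are assumptions made for the example, while `br0` and `/home/flo/centos` are the names used in the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run: prints the host-side commands
# for review instead of executing them, so no root is needed.
# SYSFS_NET is a hypothetical override so the checks can run on a constructed tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Interface names: non-empty, at most 15 characters, no "/" or whitespace.
valid_ifname() {
    case "$1" in
        ""|.|..|*/*|*[[:space:]]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# The kernel exposes a bridge/ directory in sysfs only for bridge devices.
is_bridge() { [ -d "$SYSFS_NET/$1/bridge" ]; }

# Ports attached to a bridge are listed under brif/ (empty output = no ports).
bridge_ports() {
    if [ -d "$SYSFS_NET/$1/brif" ]; then ls "$SYSFS_NET/$1/brif"; fi
}

# Step 1 (bridge) and step 2 (container) as commands. $1 = bridge, $2 = root dir.
plan_bridged_container() {
    valid_ifname "$1" || { echo "invalid bridge name: $1" >&2; return 2; }
    if [ -e "$SYSFS_NET/$1" ]; then
        # The name is taken: only reuse it if it really is a bridge.
        is_bridge "$1" || { echo "$1 exists but is not a bridge" >&2; return 3; }
    else
        echo "ip link add name $1 type bridge"
    fi
    echo "ip link set dev $1 up"
    echo "systemd-nspawn -D $2 -b --network-bridge=$1"
}

# Usage: sh plan.sh br0 /home/flo/centos
if [ "$#" -eq 2 ]; then plan_bridged_container "$1" "$2"; fi
```

The printed commands are meant to be read and then run by hand as root; a root directory containing spaces would need quoting before use.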

Hello Tsu2,

thank you for your help and detailed explanation.

this all is not new for me, I know how to create a macvlan interface, and the other things, I also know docker and its network downsides (yes pipework exists but it needs something inside the container, so the container is no longer really universal), and the problems with integration in system managers like systemd, that (and such other things) are the reason I try systemd-nspawn, which looks better to fit my needs than docker.

in theory --network-veth and --network-bridge should work, but it does not, I can reproduce this also on SLES12 (but I only have an evaluation licence)

I have opened a bug report for this https://bugzilla.opensuse.org/show_bug.cgi?id=906709

regards fl0

From your bugzilla posts,
It’s not clear to me what is your br0 and whether you have your interface configured correctly.

Missing are the results of the following if they exist, or modified for relevancy
Within your Host

brctl show br0
cat /etc/sysconfig/network/ifcfg-br0

Within your Guest

cat /etc/sysconfig/network/<NIC name>

TSU

Hello TSU

here are the Infos


linux-8iw2:~ # ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:a8:9a:64 brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.142/24 brd 192.168.100.255 scope global ens3
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fea8:9a64/64 scope link 
       valid_lft forever preferred_lft forever
3: wwp0s5f7u2i6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 02:15:e0:ec:01:00 brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default 
    link/ether f2:ee:ef:1b:d9:44 brd ff:ff:ff:ff:ff:ff
linux-8iw2:~ # brctl show br0
bridge name	bridge id		STP enabled	interfaces
br0		8000.000000000000	no		
linux-8iw2:~ # systemd-nspawn -D /home/flo/centos --network-bridge=br0
Failed to append netlink kind: Operation not supported
linux-8iw2:~ # cat /etc/sysconfig/network/ifcfg-br0
DEVICE=br0
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=static
NM_CONTROLLED=no
DELAY=0
linux-8iw2:~ #

Manually adding a macvlan interface and using --network-interface does work:

linux-8iw2:~ # ip link add name cont1  link ens3 type macvlan
linux-8iw2:~ # ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:a8:9a:64 brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.142/24 brd 192.168.100.255 scope global ens3
       valid_lft forever preferred_lft forever
    inet 192.168.100.143/24 brd 192.168.100.255 scope global secondary ens3
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fea8:9a64/64 scope link 
       valid_lft forever preferred_lft forever
4: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default 
    link/ether f2:ee:ef:1b:d9:44 brd ff:ff:ff:ff:ff:ff
5: wwp0s5f7u2i6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 02:15:e0:ec:01:00 brd ff:ff:ff:ff:ff:ff
6: cont1@ens3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default 
    link/ether b2:2e:8f:8c:a1:e8 brd ff:ff:ff:ff:ff:ff


linux-8iw2:~ # systemd-nspawn -D /home/flo/centos --network-interface=cont1
[root@centos ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
6: cont1@if2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 
    link/ether b2:2e:8f:8c:a1:e8 brd ff:ff:ff:ff:ff:ff

It's fixed: https://bugzilla.opensuse.org/show_bug.cgi?id=906709