Hey all,

According to a discussion last week in the Nova-Libvirt subgroup meeting, it 
was advised, by danpb, that I bring this issue up on the Libvirt mailing list 
for discussion and resolution. So, here goes -

I'm currently using config drive from Nova to generate network configurations 
for LXC guests that are spun up via Libvirt. Unfortunately, when doing some 
IPv6 testing, I ran into a snag (with a couple workarounds detailed below). 
Due to the read-only mount of /proc/sys 
(http://libvirt.org/drvlxc.html#fsmounts), I am unable to get expected behavior 
from IPv6 static network configurations. I did some poking around and found 
this bug from a couple years ago that pretty well outlines the problem: 
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/964882.

I wasn't sure how we might go about correcting this, but it seems like 
something we'll need to address in Libvirt. Maybe with the user namespaces 
working, we can begin to provide some read/write mounts instead of read-only 
with clear documentation on the security implications? =] When using static 
IPv6 addressing it was attempting the following command: 'sysctl -q -e -w 
net.ipv6.conf.eth0.autoconf=0'. I tested to see whether the host and the guest 
share this value. I was able to change it in the host without it being 
reflected in the guest.

The workarounds I've tried that seemed to allow IPv6 to get configured 
properly:

1. Use the post-up hook on an IPv4 static configuration to configure IPv6 via 
ifconfig/routes (example: http://paste.openstack.org/show/82446/).
2. Patch Libvirt to include a /proc/sys/net mount as read/write.

Cheers!

-Thomas

--
libvir-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/libvir-list
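
An added example, not part of the original message and not libvirt code: a shell check that finds which mount governs a given sysctl key and reports whether that mount is read-only. It is run over constructed mount tables that model the default LXC layout and workaround 2. The function names and sample mount lines are assumptions; on a real guest, pipe in /proc/mounts instead.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format: guest with /proc/sys read-only.
sample_mounts_default() {
cat <<'EOF'
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
proc /proc/sys proc ro,nosuid,nodev,noexec,relatime 0 0
sysfs /sys sysfs ro,nosuid,nodev,noexec,relatime 0 0
EOF
}

# Constructed sample: same guest with workaround 2, a read/write
# mount limited to /proc/sys/net on top of the read-only /proc/sys.
sample_mounts_patched() {
  sample_mounts_default
  echo 'proc /proc/sys/net proc rw,nosuid,nodev,noexec,relatime 0 0'
}

# effective_mode PATH: reads a mount table on stdin and prints "ro", "rw"
# or "unknown" for the mount that covers PATH.
# Simplification: the longest covering mount point wins and later lines win
# ties; a later mount on a parent directory shadowing a child is not modelled.
effective_mode() {
  awk -v path="$1" '
    {
      mp = $2
      # A mount covers the path if it is the path itself or a parent directory.
      covers = (mp == "/" || path == mp || index(path, mp "/") == 1)
      if (covers && length(mp) >= best_len) {
        best_len = length(mp)
        n = split($4, opts, ",")
        mode = "unknown"
        for (i = 1; i <= n; i++)
          if (opts[i] == "ro" || opts[i] == "rw") mode = opts[i]
      }
    }
    END { if (best_len) print mode; else print "unknown" }
  '
}

# The key written by 'sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0'.
KEY=/proc/sys/net/ipv6/conf/eth0/autoconf
echo "default layout:   $(sample_mounts_default | effective_mode "$KEY")"
echo "with workaround 2: $(sample_mounts_patched | effective_mode "$KEY")"
echo "kernel.* with workaround 2: $(sample_mounts_patched | effective_mode /proc/sys/kernel/hostname)"
```

With the narrower /proc/sys/net mount, the rest of /proc/sys stays read-only in the modelled layout, which is the property to confirm before relaxing the mount on a real guest.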
