On Tue, Dec 19, 2017 at 4:27 AM, Haitaoliu <[email protected]> wrote: > > > On 2017年12月19日 11:14, Mark Asselstine wrote: > > On Mon, Dec 18, 2017 at 8:58 PM, Liu Haitao <[email protected]> > wrote: > > When enable lxc service it failed with the following errors: > > """ > root@intel-x86-64:~# /usr/libexec/lxc/lxc-net start > > dnsmasq: cannot set --bind-interfaces and --bind-dynamic > Failed to setup lxc-net. > """ > > It said that the "bind-interfaces" and "bind-dynamic" cannot cooperate > together. > These two options have the same fundamental capacity of binding network > interfaces. > > So dnsmasq just require one of this kind of option. > > For some reason ,the following commit compulsively add the "bind-dynamic" > option > for dnsamsq. > > """ > c3c4d977cbb51363f9030c2e39d56a772b29f73b > """ > > It is not for "some reason", it is for a specific reason that is > explained in detail in the commit log and in the comment that goes > with the setting. Libvirt will have issues setting up virbr0 if we do > not use 'bind-dynamic'. > > Now you aren't touching the dnsmasq.conf file which is good since you > will not be breaking libvirt with this change but I will have to take > a closer look at your approach to see if it valid for lxc-net. Really > we should move the 'bind-dynamic' into a libvirt specific > sub-configuration file in /etc/dnsmasq.d/, so something like > /etc/dnsmasq.d/libvirt.conf, and then have another one for lxc > (/etc/dnsmasq.d/lxc.conf). The main dnsmasq.conf file should be empty. > But again I need to dig around a bit to remind myself of how things > work. > > Did you do any testing other than lxc-net starting? did you validate > the dnsmasq functions on the lxcbr0 that is bound to the new instance > of dnsmasq? > > I did not do any other test about lxc-net except starting. > if we don't remove 'bind-interfaces' , the lxcbr0 would also be created > correctly . But the dnsmasq will fail. I have no idea if it has an influence > on IP address assignment of lxc. > > I will validate it later.
I didn't get around to looking at this in more detail yet. I did examine how things are setup in Ubuntu when both lxc and libvirt are present and it matches what I had planned with both a libvirt and lxc config file in dnsmasq.d. I am in the process of reviving the 'kvm-image-minimal' in meta-virtualization such that I can test things out properly. Now that I have this image up and running with both lxc and libvirt running I can start to try out some configurations. MarkA > > thanks, > haitao > > > MarkA > > So we just remove 'bind-interfaces' in lxc service scripts. > > Signed-off-by: Liu Haitao <[email protected]> > --- > ...1-lxc-Disable-the-bind-interfaces-for-lxc.patch | 45 > ++++++++++++++++++++++ > recipes-containers/lxc/lxc_2.0.8.bb | 1 + > 2 files changed, 46 insertions(+) > create mode 100644 > recipes-containers/lxc/files/0001-lxc-Disable-the-bind-interfaces-for-lxc.patch > > diff --git > a/recipes-containers/lxc/files/0001-lxc-Disable-the-bind-interfaces-for-lxc.patch > b/recipes-containers/lxc/files/0001-lxc-Disable-the-bind-interfaces-for-lxc.patch > new file mode 100644 > index 0000000..fec6843 > --- /dev/null > +++ > b/recipes-containers/lxc/files/0001-lxc-Disable-the-bind-interfaces-for-lxc.patch > @@ -0,0 +1,45 @@ > +From 76533652915dcca2ce4265b320fd1c20a75adff8 Mon Sep 17 00:00:00 2001 > +From: Liu Haitao <[email protected]> > +Date: Sun, 17 Dec 2017 23:02:13 -0800 > +Subject: [PATCH] lxc: Disable the bind-interfaces for lxc. > + > +When enable lxc service it failed with the following errors: > +""" > + dnsmasq: cannot set --bind-interfaces and --bind-dynamic > + Failed to setup lxc-net. > +""" > +It said that the "bind-interfaces" and "bind-dynamic" cannot > +cooperate together. > +These two options have the same fundamental capacity of binding > +network interfaces. > +So dnsmasq just require one of this kind of option. > +For some reason ,the following commit compulsively add the "bind-dynamic" > option > +for dnsamsq. > +""" > + c3c4d977cbb51363f9030c2e39d56a772b29f73b > +""" > +So we just remove 'bind-interfaces' in lxc service scripts. > + > +Upstream-Status: Inappropiate [Modify configuration] > + > +Signed-off-by: Liu Haitao <[email protected]> > +--- > + config/init/common/lxc-net.in | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/config/init/common/lxc-net.in b/config/init/common/lxc-net.in > +index f770950f..6f45228d 100644 > +--- a/config/init/common/lxc-net.in > ++++ b/config/init/common/lxc-net.in > +@@ -128,7 +128,7 @@ start() { > + done > + > + dnsmasq $LXC_DHCP_CONFILE_ARG $LXC_DOMAIN_ARG -u ${DNSMASQ_USER} \ > +- --strict-order --bind-interfaces > --pid-file="${varrun}"/dnsmasq.pid \ > ++ --strict-order --pid-file="${varrun}"/dnsmasq.pid \ > + --listen-address ${LXC_ADDR} --dhcp-range ${LXC_DHCP_RANGE} \ > + --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override \ > + --except-interface=lo --interface=${LXC_BRIDGE} \ > +-- > +2.11.0 > + > diff --git a/recipes-containers/lxc/lxc_2.0.8.bb > b/recipes-containers/lxc/lxc_2.0.8.bb > index c9ce5f0..5267bf7 100644 > --- a/recipes-containers/lxc/lxc_2.0.8.bb > +++ b/recipes-containers/lxc/lxc_2.0.8.bb > @@ -36,6 +36,7 @@ SRC_URI = > "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \ > file://lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch \ > file://logs-optionally-use-base-filenames-to-report-src-fil.patch \ > file://cgroups-work-around-issue-in-gcc-7.patch \ > + file://0001-lxc-Disable-the-bind-interfaces-for-lxc.patch \ > " > > SRC_URI[md5sum] = "7bfd95280522d7936c0979dfea92cdb5" > -- > 2.11.0 > > -- > _______________________________________________ > meta-virtualization mailing list > [email protected] > https://lists.yoctoproject.org/listinfo/meta-virtualization > > > > -- > _______________________________________________ > meta-virtualization mailing list > [email protected] > https://lists.yoctoproject.org/listinfo/meta-virtualization > -- _______________________________________________ meta-virtualization mailing list [email protected] https://lists.yoctoproject.org/listinfo/meta-virtualization
