podman create --mac-address doesn't work
#1136
Comments
|
No worries, for the use-case I'm eyeing (node-locked license server in container) I can use docker in the meantime. |
|
Is it planned to support setting mac addresses at some point? I have the same issue as @runiq, but since this is a new deployment I would have liked to avoid docker and use podman from the start. I have also tried setting the mac adress via |
|
@mccv1r0 Is there any ability for us to set the MAC address for bridge networks in CNI? |
See tuning plugin. The |
|
Thanks for your quick answers. I am testing on CentOS 7 (podman v1.3.2, containernetworking-plugins v0.7.5, from the 'extras' repository):
(I tested the 'IP' argument to see whether CNI_ARGS works and the IP address was properly set)
and also tried to explicitly set the MAC address at various locations in this file (in the plugin definition, as args, etc.) but to no avail. I think that I am missing something with how the chaining of plugins is working. (I mostly tried to understand network-configuration-lists) Should I define additional files? |
|
Reopening this given that it does seem possible on the CNI side. |
|
Been on PTO until today. I used this just now to test that the containers MAC address can be set using up to date CNI and plugins. cnitool simulates a runtime such as podman. First set CAP_ARGS to tell cnitool what it should feed CNI as the runtime supplied capabilities: Now run cnitool: The corresponding conflist is: |
|
Alright. Based on this, we need small changes to the ocicni wrapper to allow setting |
|
@mheon Is this something we can get in for podman 1.5 along with IPV6 support? Seems like a nice feature to add. |
|
Sure, I think this is a good candidate for 1.5.
…On Thu, Aug 1, 2019, 05:30 Daniel J Walsh ***@***.***> wrote:
@mheon <https://github.com/mheon> Is this something we can get in for
podman 1.5 along with IPV6 support? Seems like a nice feature to add.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1136>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AB3AOCG3SIPOJQJJOLCXVQLQCKUJ5ANCNFSM4FLMURAA>
.
|
|
@mheon Since this did not make the 1.5 release. Could you make this feature work in the next week or so, or should we assign it to someone else? |
|
My target here is 1.5.1 or .2.
…On Sat, Aug 10, 2019, 06:01 Daniel J Walsh ***@***.***> wrote:
@mheon <https://github.com/mheon> Since this did not make the 1.5
release. Could you make this feature work in the next week or so, or should
we assign it to someone else?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1136>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AB3AOCEILOKTU3HW6AWUT63QD2GZLANCNFSM4FLMURAA>
.
|
|
make a card! |
|
Any progress? I need |
|
On my list of priorities, it's around position 3 - after volume plugin support (working on this now) and IPv6 support. |
|
@mheon Any hints on how to implement this feature? |
|
First step is to modify OCICNI to allow the MAC address to be passed in as part of CNI args - Then we vendor the new OCICNI library, and add handling for |
|
Shall we use the tunning plugin as proposed at: k8snetworkplumbingwg/multus-cni#266 (comment) ? |
|
This seems to be naive: diff --git a/pkg/ocicni/ocicni.go b/pkg/ocicni/ocicni.go
index 88d1806..adbd0a0 100644
--- a/pkg/ocicni/ocicni.go
+++ b/pkg/ocicni/ocicni.go
@@ -819,6 +819,15 @@ func buildCNIRuntimeConf(cacheDir string, podNetwork *PodNetwork, ifName string,
rt.Args = append(rt.Args, [2]string{"IP", ip})
}
+ // Add the requested static MAC to CNI_ARGS
+ mac := runtimeConfig.MAC
+ if mac != "" {
+ if tstMAC := net.ParseMAC(mac); tstMAC == nil {
+ return nil, fmt.Errorf("unable to parse MAC address %q", mac)
+ }
+ rt.Args = append(rt.Args, [2]string{"MAC", mac})
+ }
+
// Set PortMappings in Capabilities
if len(runtimeConfig.PortMappings) != 0 {
rt.CapabilityArgs["portMappings"] = runtimeConfig.PortMappings
diff --git a/pkg/ocicni/types.go b/pkg/ocicni/types.go
index af013ae..717ecda 100644
--- a/pkg/ocicni/types.go
+++ b/pkg/ocicni/types.go
@@ -44,6 +44,9 @@ type RuntimeConfig struct {
// with the hostlocal IP allocator. If left unset, an IP will be
// dynamically allocated.
IP string
+ // MAC is a static MAC address to be assigned to the network interface.
+ // If left unset, a MAC will be dynamically allocated.
+ MAC string
// PortMappings is the port mapping of the sandbox.
PortMappings []PortMapping
// Bandwidth is the bandwidth limiting of the pod |
|
That looks like it could well be enough - if you're able to PR this against OCICNI, I think there's a good chance they'll accept it. |
|
I could not resist to play with a little bit (not compiled nor tested): |
|
@filak-sap That looks pretty good, open a WIP PR and we can look at fixing ocicni. |
`go get github.com/cri-o/ocicni@deac903fd99b6c52d781c9f42b8db3af7dcfd00a` I had to fix compilation errors in libpod/networking_linux.go --- ocicni.Networks has changed from string to the structure NetAttachment with the member Name (the former string value) and the member Ifname (optional). I don't think we can make use of Ifname here, so I just map the array of structures to array of strings - e.g. dropping Ifname. --- The function GetPodNetworkStatus no longer returns Result but it returns the wrapper structure NetResult which contains the former Result plus NetAttachment (Network name and Interface name). Again, I don't think we can make use of that information here, so I just added `.Result` to fix the build. --- Issue: containers#1136 Signed-off-by: Jakub Filak <[email protected]>
|
Awesome, thanks everyone, much appreciated! |
|
No problem, keep the issues coming. They help make Podman into a better project. |
|
I can still not assign static IP to container using following command: fedora 30 please assist me, I need this to work |
|
Providing an error message might be helpful - hard to tell what's going wrong from just the command? |
|
There is no error, I just does not get the mac address im assigning an mac from inspect: CNI conf: |
|
Fuck. They match up... |
|
I did a quick check and verified with ifconfig inside a container - looks like the flag is working as expected |
|
But its acually still a issue for me, because I didnt acually fuck up. It was this mac that sendt a request to my dhcp server: 0a:dd:5b:ce:23:d1 Why? how am I suppose to set static IPs in pfsense then? whats happening? |
|
do you actually want to be doing a macvlan connection? |
|
No I need the containers to connect to my bridge, which is the lan adapter in pf sense. Therefore i would like them to make dhcp requests with the same mac everytime. Please help |
|
Hm. So you're using a pre-established bridge, configured elsewhere? And CNI is making DHCP requests using a different MAC? |
|
Yup, I would like my containers to jump on that bridge, since I have VMs and other things there, is this a problem with cni plugins? Or is it misconfiguration on my part? |
|
@mccv1r0 Thoughts? |
|
When I try to reproduce, I get an error Is I am using: podman version 1.7.0 on Fedora 30 |
|
Is there a missing |
I tried with and without double quotes |
|
*&%# never mind... cut/paste error |
|
Okai so my issue is the following. Im using this network-conf: I want my containers to jump on the bridge and to get a ip from the dhcp, this combined with the All help is very appriciated |
|
Things seem to work when using host-local (for a quick test): I don't have dhcp plugin setup yet. While I do that, @leier69, in your failing case, can you run |
|
I still don't have dhcp setup fully, but I might not need to. Using tcpdump on the bridge, I don't see the right mac address in the dhcp request. In one window: In the tcpdump window, I'd expect to see @leier69 Can you verify this on your setup? That is, run tcpdump on your bridge etc. confirm the mac seen by dhcp server matches tcpdump/container etc? If you do, open an issue in CNI Plugins. It looks like the issue is specific to the CNI dhcp client plugin. |
|
created issue containernetworking/plugins#450. Please comment on it to further its progress @mccv1r0 and 1000 times thanks @mccv1r0 ! <3 this gives me hope to have this setup work smoothly |
github-actions
bot
added
the
locked - please file new issue/PR
/kind bug
Description
The
--mac-addressswitch topodman create/podman rundoesn't work.Steps to reproduce the issue:
Describe the results you received:
An automatically-assigned MAC address.
Describe the results you expected:
The MAC address I specifiied in the argument.
Output of
podman version:Output of
podman info:Output of `podman info`
Additional environment details (AWS, VirtualBox, physical, etc.):
Contents of /etc/cni/net.d/87-podman-bridge.conflist
The text was updated successfully, but these errors were encountered: