allow creating macvlan network without subnet when using netavark backend #13521

Closed
craftyguy opened this issue Mar 15, 2022 · 3 comments · Fixed by #13701

Comments

@craftyguy
Contributor

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind feature

Description

podman (with netavark) should allow creating a macvlan network without specifying a subnet, for cases where the container is capable of managing its own IP assignment on the network (e.g. running its own dhcp client). Currently --subnet is required, or podman network create -d macvlan will error out.

Steps to reproduce the issue:

  1. podman network create -d macvlan foo

  2. error that --subnet is required

Describe the results you received:

Error: macvlan driver needs at least one subnet specified, DHCP is not supported with netavark

Describe the results you expected:

New macvlan network created with no IP management by podman

Additional information you deem important (e.g. issue happens only occasionally):

This was discussed briefly in chat with @Luap99. Also related: containers/netavark#152

Output of podman version:

❯ podman version
Client:       Podman Engine
Version:      4.0.2
API Version:  4.0.2
Go Version:   go1.17.7
Git Commit:   bddda48d70a98bb3d47ffe747ba2f84f340b4722
Built:        Wed Mar  2 18:56:21 2022
OS/Arch:      linux/amd64

Output of podman info --debug:

❯ podman info --debug
host:
  arch: amd64
  buildahVersion: 1.24.1
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: conmon-2.1.0-r0
    path: /usr/bin/conmon
    version: 'conmon version 2.1.0, commit: feb71f1a6023ee6d874ed0a62a46a205a92f5dfc'
  cpus: 12
  distribution:
    distribution: alpine
    version: 3.15.0
  eventLogger: file
  hostname: librem14
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.15.26-0-lts
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 10435219456
  memTotal: 33538834432
  networkBackend: netavark
  ociRuntime:
    name: crun
    package: crun-1.4.3-r0
    path: /usr/bin/crun
    version: |-
      crun version 1.4.3
      commit: 61c9600d1335127eba65632731e2d72bc3f0b9e8
      spec: 1.0.0
      +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    path: /tmp/1000-runtime-dir/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /etc/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.12-r0
    version: |-
      slirp4netns version 1.1.12
      commit: 7a104a101aa3278a2152351a082a6df71f57c9a3
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 8374448128
  swapTotal: 8384409600
  uptime: 163h 30m 32.32s (Approximately 6.79 days)
plugins:
  log:
  - k8s-file
  - none
  - passthrough
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - docker.io
store:
  configFile: /home/clayton/.config/containers/storage.conf
  containerStore:
    number: 3
    paused: 0
    running: 1
    stopped: 2
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/clayton/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 32
  runRoot: /tmp/1000-runtime-dir/containers
  volumePath: /home/clayton/.local/share/containers/storage/volumes
version:
  APIVersion: 4.0.2
  Built: 1646276181
  BuiltTime: Wed Mar  2 18:56:21 2022
  GitCommit: bddda48d70a98bb3d47ffe747ba2f84f340b4722
  GoVersion: go1.17.7
  OsArch: linux/amd64
  Version: 4.0.2

Package info (e.g. output of rpm -q podman or apt list podman):

podman
podman-openrc
podman-zsh-completion

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

(Yes)/No

Additional environment details (AWS, VirtualBox, physical, etc.):

Alpine Linux Edge

@openshift-ci openshift-ci bot added the kind/feature label Mar 15, 2022
@mheon
Member

mheon commented Mar 15, 2022

@baude This is DHCP support, I believe?

@Luap99
Member

Luap99 commented Mar 15, 2022

Yes we discussed that on IRC.
Short term I want to add --ipam-driver none option which would only add interfaces and no ip addresses.
That would also help me to fix #13124 and #12990

@Luap99 Luap99 added the network label Mar 15, 2022
@craftyguy
Contributor Author

@mheon ya this is closer to what @Luap99 mentioned, supporting DHCP would be nice, but it sounds like it might be difficult. In reality, I just need a way to create interfaces with macvlan and have the container manage IP assignment. Currently I have to specify --subnet or else the net create will fail.

@Luap99 Luap99 self-assigned this Mar 17, 2022
Luap99 added a commit to Luap99/common that referenced this issue Mar 17, 2022
Network create now uses the ipam driver. This allows the user to
configure the ipam driver manually instead of choosing a fixed default.
If the ipam driver is `none` no ips will be assigned to this container.
This means that only the interfaces are created.

This will require a patch in netavark since it rejects the config when
no static ips are provided.

Ref containers/podman#13521

Signed-off-by: Paul Holzinger <[email protected]>
Luap99 added a commit to Luap99/common that referenced this issue Mar 18, 2022
Luap99 added a commit to Luap99/common that referenced this issue Mar 29, 2022
Luap99 added a commit to Luap99/libpod that referenced this issue Apr 11, 2022
Add a new flag to set the ipam-driver. Also adds a new ipam driver none
mode which only creates interfaces but does not assign addresses.

Fixes containers#13521

Signed-off-by: Paul Holzinger <[email protected]>
@github-actions github-actions bot added the locked - please file new issue/PR label Sep 20, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 20, 2023
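
An added example, not part of the issue thread or of podman's code: once a network can be created with `--ipam-driver none`, podman no longer holds the container's address, so an inventory of networks should record who assigns addresses on each one. The sketch below classifies networks from JSON in the shape of `podman network inspect` output; the sample data is constructed, and the default to `host-local` and the rejection of subnets combined with `none` are assumptions of this example.

```python
import json

# Constructed sample in the shape of `podman network inspect` output;
# names and addresses are made up for illustration.
SAMPLE = """
[
  {"name": "podman", "driver": "bridge", "network_interface": "podman0",
   "subnets": [{"subnet": "10.88.0.0/16", "gateway": "10.88.0.1"}],
   "ipam_options": {"driver": "host-local"}},
  {"name": "foo", "driver": "macvlan", "network_interface": "eth0",
   "ipam_options": {"driver": "none"}},
  {"name": "odd", "driver": "macvlan", "network_interface": "eth0",
   "subnets": [{"subnet": "192.168.2.0/24"}],
   "ipam_options": {"driver": "none"}}
]
"""


def address_owner(net):
    """Return who assigns addresses on this network, or raise ValueError."""
    # Assumption: a missing ipam driver is treated as host-local.
    ipam = (net.get("ipam_options") or {}).get("driver", "host-local")
    subnets = net.get("subnets") or []
    if ipam == "none":
        # Interfaces only; a subnet here contradicts the driver choice.
        if subnets:
            raise ValueError(f"{net['name']}: ipam driver none but subnets given")
        return "container"
    if ipam == "dhcp":
        return "dhcp"
    if not subnets:
        raise ValueError(f"{net['name']}: {ipam} ipam needs a subnet")
    return "podman"


def audit(inspect_json):
    """Map network name -> address owner; collect inconsistent configs."""
    owners, problems = {}, []
    for net in json.loads(inspect_json):
        try:
            owners[net["name"]] = address_owner(net)
        except ValueError as err:
            problems.append(str(err))
    return owners, problems


if __name__ == "__main__":
    print(audit(SAMPLE))
```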