[libvirt] DHCP and secure containers
Gene Czarcinski
gczarcinski at ec.rr.com
Wed Sep 3 13:42:07 UTC 2014
On 09/02/2014 06:37 AM, Gene Czarcinski wrote:
> OK, hopefully this mailing list is more active and I can get some
> response to my questions.
> ---------------------------------------------------------------------------------------------------------------------
>
> I have been "playing with" Secure Containers running a lighttpd server
> and have it up and running. I used Adam's process
> (https://www.happyassassin.net/2014/07/23/bridged-networking-for-libvirt-with-networkmanager-2014-fedora-21/)
> for getting a bridge defined when also running NetworkManager. I then
> created a virtual network definition:
>> <network>
>> <name>net18</name>
>> <uuid>8d19a05b-ac85-4e2a-88bc-5ca4cbb29a33</uuid>
>> <forward mode='bridge'/>
>> <bridge name='br0'/>
>> </network>
> This works fine when I use static addresses such as:
>> -N
>> source=net18,address=192.168.18.94/24,route=192.168.18.255%192.168.18.1
> but does not work when I specify using dhcp:
>> -N source=net18,dhcp
> I have reported this as a bug:
> https://bugzilla.redhat.com/show_bug.cgi?id=1133686
>
> Since there has not been much of a reaction to the BZ report, I
> decided to take a look at the source code (it sure would have been
> nice if the SRPMS were there in the F20 fedora-virt-preview but I get
> the package from development/21).
>
> I see that libvirt-sandbox-init-common.c has the code for starting
> dhcp and also has main() along with some runtime options for -v
> verbose and -d debug.
>
> OK, how do I go about turning verbose and/or debug on?
>
> Any suggestions on how to debug and get dhcp to work? I not only want
> to find the problem but to fix the problem if needed.
While I have not figured out how to get dhcp to work with a secure
container create by virt-sandbox-service, I have gotten a container
working with the network up and a dhcp assigned IP using the lxc-*
commands and following this procedure:
https://sysadmincasts.com/episodes/24-introduction-to-containers-on-linux-using-lxc
to create a "busybox" container. The network came up automatically.
Following the procedure in this tutorial:
https://major.io/2014/04/21/launch-secure-lxc-containers-on-fedora-20-using-selinux-and-svirt/
I created and installed a test container. I had to add ifcfg-eth0 for a
simple network and then run "service network start" for the netowrk to
actually come up ... which it did with a DHCP (actually dnsmasq)
assigned IP address. Note that this procedure explicitly installs the
dhclient package.
So, what am I doing "wrong" with secure containers? Or, is this a bug?
Gene
More information about the libvir-list
mailing list