Macvlan Not Working for LXC centos/8 Container

Subham_mandal · November 14, 2019, 10:41am

Hi,

I’ve tried to spin up Centos/8 lxc container with profile using macvlan,however container is not getting assigned with any IP’s,Please note the same works well for Centos/7 containers.

below is my profile details:

description: Macvlan LXD profile
devices:
eth0:
name: eth0
nictype: macvlan
parent: ens33
type: nic
projects:
path: /data
source: /data
type: disk
root:
path: /
pool: newstorage
type: disk
name: new
used_by:

Is this expected behavior ?

Any help on this will be appreciated

Subham_mandal · November 14, 2019, 10:48am

@simos : can you please help on this ?

stgraber · November 14, 2019, 5:18pm

Is that inside a VM or something?

Those kind of macvlan failures are usually either because the underlying network performs MAC filtering and so just blocks the traffic or the NIC driver not properly implementing macvlan.

Subham_mandal · November 15, 2019, 6:17am

Thanks for your reply.

Well… Below is my setup

HostMachine :- Ubuntu 18:04 running on VMWare.
when i spin up centos/7 image it works well it is taking IP,however if it is centos/8 image it is not.
I wonder if there is any additional setting required for centos/08 in profile level?

Here is what am trying:

lxc launch -p macvlan images:centos/8 elk1
lxc launch -p macvlan images:centos/7 elk2

Below are the results,I’m using the same profile which i’ve mentioned in earlier post.

Below for Centos/7 with IP

Below for Centos/8 without IP

How can i sort this out? as i need centos/8 container with Macvlan,Any help will be appreciated.

Thanks in advance!

simos · November 15, 2019, 1:53pm

Hi!

It varies depending on whether you use VMware, virtual box, hyperv, KVM. Your case is with VMware.

I have tried with virtualbox. I had to enable Promiscuous mode in the settings. And also set the host’s interface to “promisc”. Then, it worked.

A user reported that it worked with VMware at https://blog.simos.info/how-to-make-your-lxd-container-get-ip-addresses-from-your-lan/

tomp · November 15, 2019, 2:44pm

Also see this post regarding a similar issue Containers without connection

Subham_mandal · November 15, 2019, 4:51pm

Thanks for your reply.

I will try with Virtualbox,however my question still remains the same.

if centos/7 container is able to fetch macvlan IP why NOT centos/8 given am running both container in same VM?

am i missing something?

tomp · November 15, 2019, 5:28pm

@Subham_mandal I’m not sure, you’re best bet is to start some network traces on the VM host and inside the container and see what is happening with the DHCP requests: are they making it out from the container to the VM host, do they get replies?

simos · November 16, 2019, 8:38am

I just noticed that you mention a change between Centos 7 and 8, working only the former.
Therefore disregard me suggesting to switch VM. If it works in one version of the distro, then it is a regression when it does not work on another version.

Subham_mandal · November 16, 2019, 11:58am

would you mind trying this once in VMWare and advise if i’m missing any config,i will be happy to provide more info if it demands.

Thanks in advance!

Subham_mandal · December 2, 2019, 7:43am

@simos : May i know if you had sometime and tried this? I still dint get this working.

Thanks,
Subham

lvanni · May 19, 2020, 12:35pm

Hi, i have same problem @Subham_mandal , my centos8 container doesn’t work with macvlan nic type. have you find a workaround?

nick-jansen · July 3, 2020, 2:30pm

Same problem here, any update / fix to resolve the issue?

stevenspencer · July 15, 2020, 8:42pm

This has been beating us up here as well. Today, I found an answer. It may not be /the/ answer, but it does work. The problem is with CentOS 8 and the complete replacement of network-scripts with NetworkManager scripts. I know that there have been others searching for an answer to this in vain, so I’m offering up what I’ve found. Do with it what you may!

Create a centos8 container using the defaults (i.e., don’t apply macvlan to them on the build) so have it use the bridge interface, which is the default
Next get into the container

lxc exec [container_name] bash

Next install the old network-scripts package

dnf install network-scripts

Next stop Network Manager

systemctl stop NetworkManager

Now make sure it doesn’t start on container startup

systemctl disable NetworkManager

Next enable the Network service (part of the network-scripts package)

systemctl enable network.service

Exit out of the container
Now apply (or assign) your macvlan template to the container

lxc profile apply [container_name] default,macvlan - Get into the container and modify the interface vi /etc/sysconfig/network-scripts/ifcfg-eth0

and set the interface with the IP or dhcp, depending on your setup. Save the configuration and get out.

Test that the interface comes up

ifup eth0

which is where you will see the scripts complaining about using a deprecated procedure.

assuming the interface comes up with an IP address, exit out of the container, stop it and start it again, and as long as it comes back up with the IP, you are golden.

That’s it. I’m hoping that this will help someone else not go down the rabbit holes that I have had to do to get this information, test it and apply it. Good Luck!

Steve