The physical host is running 18.04.6 LTS and LXD/LXC 3.0.3. I have two unprivileged containers, one Ubuntu 18.04 container and a new Ubuntu 22.04 container. (Using the default images that lxc launch provides.)
netplan works fine in the Ubuntu 18.04 container, but due to udevadm trigger returning errors in the Ubuntu 22.04 container (which netplan relies on), netplan fails there.
Running netplan apply gives me the following errors:
eth0: Failed to write 'change' to '/sys/devices/virtual/net/eth0/uevent': Permission denied
...etc...
subprocess.CalledProcessError: Command '['udevadm', 'trigger', '--attr-match=subsystem=net']' returned non-zero exit status 1.
It seems that the root of the problem is that udevadm trigger is busted.
I’m a little puzzled how such a basic feature such as netplan could be broken. Does nobody use netplan inside of a container using Ubuntu 22 under a physical host running Ubuntu 18? Ubuntu 18 containers running on the same physical host have no issues running netplan.
The issue I’m running into appears to be the same issue experienced here:
I have tried the things discussed in the above conversation.
Creating this file in the container:
/etc/systemd/system/systemd-networkd.service.d/lxc.conf:
[Service]
BindReadOnlyPaths=/sys
Tried adding this to the container configs:
lxc.mount.auto: sys
And later this:
lxc.mount.auto = proc:rw sys:ro
I also tried setting security.nesting to “true”.
None of this seems to help.
I see another user experiencing a similar issue with using netplan in a Ubuntu 22 LXC container here:
It seems they just gave up on netplan after nobody was able to offer any solutions. That seems like what I’ll end up doing too. Just a bummer since I have systems that relied on netplan and now those systems will need to be altered to bypass netplan.
I can get the Ubuntu 22 container on the network by manually running ip addr add, etc. but not with netplan. So, I have a workaround, but I would prefer to see a fix for netplan.
Possibly related: "udevadm trigger" fails in containers with ro /sys · Issue #14060 · systemd/systemd · GitHub