Network setting for Fedora container

rongxia_xia_sh · August 26, 2019, 8:20am

Hi all,
I have a ubuntu host, on top of it, I want to create a fedora OS container. (I am frequent user for ubuntu, but totally new to Fedora)

I tried:

lxc launch fedora:30 fedora

And then it succeed, and I want to set it with static IP address:

lxc exec fedora bash

But then I find there are many services missing in this container, like

gpsemc@lxd:~$ lxc exec fedora bash
[root@fedora ~]# sudo service network restart
Redirecting to /bin/systemctl restart network.service
Failed to restart network.service: Unit network.service not found.

Do you have any clue? Why there is no network service? Is there anything I did wrong?

simos · August 26, 2019, 9:23am

Hi!

There are several versions of Fedora that you can use in LXD. You can run the following to view them.
These container images are available from the images: repository of container images. The following command filters the container images and shows only those that container fedora in the name. Currently, there are container images for Fedora 28, 29 and 30.

lxc image list images:fedora

If you use instead fedora:30, then LXD would try to find a remote called fedora which does not exist, and give you an error.

To launch a container, you would run

lxc launch images:fedora/30 mycontainer

To set a static IP in Fedora, you need to create a file in /etc/systemd/network/ with the relevant instructions. In this directory there is already a file called eth0.network that uses DHCP.
You can edit this file and change the contents into something like

[Match]
Name=eth0

[Network]
Address=10.10.10.15/24
Gateway=10.10.10.1
DNS=8.8.8.8

In Fedora, the network service is called systemd-networkd, therefore to restart the network service, you need to run

systemctl restart systemd-networkd

By doing so, your container gets the new IP address and you are ready to go.

If you want to setup the container so that it gets the static IP upon creation, you can use the images:fedora/30/cloud container image that has support for cloud-init. Then, you can configure LXD to pass the static IP configuration to the container so that as soon as you launch it, it gets the proper network configuration. For some info on using cloud-init in LXD, see

rongxia_xia_sh · August 27, 2019, 5:09am

I got below error during the step of restart network:
gpsemc@lxd:~$ lxc launch images:fedora/30 mycontainer
Creating mycontainer
Starting mycontainer

gpsemc@lxd:~$ lxc exec mycontainer bash

[root@mycontainer ~]# cd /etc/systemd/network
[root@mycontainer network]# ls
eth0.network
[root@mycontainer network]# vi eth0.network
[root@mycontainer network]# systemctl restart systemd-networkd
Job for systemd-networkd.service failed.
See “systemctl status systemd-networkd.service” and “journalctl -xe” for details.
[root@mycontainer network]# systemctl status systemd-networkd
● systemd-networkd.service - Network Service
Loaded: loaded (/usr/lib/systemd/system/systemd-networkd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2019-08-27 12:59:52 UTC; 13s ago
Docs: man:systemd-networkd.service(8)
Process: 117 ExecStart=/usr/lib/systemd/systemd-networkd (code=exited, status=226/NAMESPACE)
Main PID: 117 (code=exited, status=226/NAMESPACE)

Aug 27 12:59:52 mycontainer systemd[1]: systemd-networkd.service: Main process exited, code=exited, status=226/NAMESPACE
Aug 27 12:59:52 mycontainer systemd[1]: systemd-networkd.service: Failed with result ‘exit-code’.
Aug 27 12:59:52 mycontainer systemd[1]: Failed to start Network Service.
Aug 27 12:59:52 mycontainer systemd[1]: systemd-networkd.service: Service has no hold-off time (RestartSec=0), scheduling restart.
Aug 27 12:59:52 mycontainer systemd[1]: systemd-networkd.service: Scheduled restart job, restart counter is at 5.
Aug 27 12:59:52 mycontainer systemd[1]: Stopped Network Service.
Aug 27 12:59:52 mycontainer systemd[1]: systemd-networkd.service: Start request repeated too quickly.
Aug 27 12:59:52 mycontainer systemd[1]: systemd-networkd.service: Failed with result ‘exit-code’.
Aug 27 12:59:52 mycontainer systemd[1]: Failed to start Network Service.
[root@mycontainer network]#

simos · August 27, 2019, 8:51am

Hi again,

Please show the contents of the file eth0.network.
Most likely, you do not have a private network with IP address 10.10.10.1.
You would need to change this into the private IP range that you get when you run

lxc network show lxdbr0

However, if you want your container to be configured with an IP address from your LAN, you need to perform some extra configuration. For more on this, see

rongxia_xia_sh · August 28, 2019, 7:33am

This is my container host machine:
gpsemc@lxd:~$ ifconfig
br0 Link encap:Ethernet HWaddr 00:50:56:bd:8a:a0
inet addr:10.62.90.147 Bcast:10.62.90.255 Mask:255.255.255.128
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1990472 errors:0 dropped:646 overruns:0 frame:0
TX packets:198517 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:818460410 (818.4 MB) TX bytes:14861277 (14.8 MB)

gpsemc@lxd:~$ lxc profile show 10.62.90.147
config: {}
description: 10.62.90.147-network
devices:
eth0:
name: eth0
nictype: bridged
parent: br0
type: nic
name: 10.62.90.147

This is the network information inside the container:

[root@fedora3011 ~]# cat /etc/systemd/network/eth0.network
[Match]
Name=eth0

[Network]
Address=10.62.90.206/25
Gateway=10.62.90.129
DNS=10.254.174.10

But I always get below error:
root@fedora3011 ~]# systemctl restart systemd-networkd
Job for systemd-networkd.service failed.
See “systemctl status systemd-networkd.service” and “journalctl -xe” for details.

[root@fedora3011 ~]# systemctl status systemd-networkd.service
● systemd-networkd.service - Network Service
Loaded: loaded (/usr/lib/systemd/system/systemd-networkd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2019-08-28 15:39:16 UTC; 1min 32s ago
Docs: man:systemd-networkd.service(8)
Process: 160 ExecStart=/usr/lib/systemd/systemd-networkd (code=exited, status=226/NAMESPACE)
Main PID: 160 (code=exited, status=226/NAMESPACE)

Aug 28 15:39:16 fedora3011 systemd[1]: systemd-networkd.service: Service has no hold-off time (RestartSec=0), scheduling restart.
Aug 28 15:39:16 fedora3011 systemd[1]: systemd-networkd.service: Scheduled restart job, restart counter is at 5.
Aug 28 15:39:16 fedora3011 systemd[1]: Stopped Network Service.
Aug 28 15:39:16 fedora3011 systemd[1]: systemd-networkd.service: Start request repeated too quickly.
Aug 28 15:39:16 fedora3011 systemd[1]: systemd-networkd.service: Failed with result ‘exit-code’.
Aug 28 15:39:16 fedora3011 systemd[1]: Failed to start Network Service.

By the way, I am able to create a lot of containers in ubuntu 16.04. 18.04. But it cannot work for fedora.

For example, on ubuntu 18.04 it looks like this:

lxc launch ubuntu:18.04 sharon-ubuntu

root@sharon-ubuntu:~# cat /etc/netplan/50-cloud-init.yaml
network:
version: 2
ethernets:
eth0:
dhcp4: no
addresses: [10.62.90.206/25]
gateway4: 10.62.90.129
nameservers:
addresses: [10.254.174.10,10.104.128.235]

rongxia_xia_sh · August 28, 2019, 9:07am

@simos I actually find the same steps worked on Fedora 29. I can enable a container based on Fedora 29 image with the same steps you mentioned and the network works. But fedora 30 still has the network failure.

simos · August 28, 2019, 10:44am

I tried with Fedora 30, but with private bridge, and managed to set a static IP address using the systemd configuration file.
In your case above, can you also run journalctl -xe? Most likely it should say here what’s wrong.

rongxia_xia_sh · August 29, 2019, 2:58am

Good point.

-- /etc/systemd/journald.conf. See journald.conf(5) for details.
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write '0' to 'kernel/yama/ptrace_scope', ignoring: Permission denied
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write '|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e' to 'kernel/core_pattern', ignoring: Permission denied
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write '16' to 'kernel/sysrq', ignoring: Permission denied
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write '1' to 'kernel/core_uses_pid', ignoring: Permission denied
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write 'fq_codel' to 'net/core/default_qdisc', ignoring: No such file or directory
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write '1' to 'fs/protected_hardlinks', ignoring: Permission denied
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write '1' to 'fs/protected_symlinks', ignoring: Permission denied
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write '1' to 'fs/protected_regular', ignoring: No such file or directory
Aug 29 10:40:43 fedora30 systemd-sysctl[39]: Couldn't write '1' to 'fs/protected_fifos', ignoring: No such file or directory
Aug 29 10:40:43 fedora30 systemd[1]: Starting Flush Journal to Persistent Storage...
-- Subject: A start job for unit systemd-journal-flush.service has begun execution



- The job identifier is 417.
Aug 29 10:42:57 fedora30 systemd[115]: systemd-networkd.service: Failed to set up mount namespacing: Permission denied
Aug 29 10:42:57 fedora30 systemd[115]: systemd-networkd.service: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-networkd: Permission denied
-- Subject: Process /usr/lib/systemd/systemd-networkd could not be executed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- The process /usr/lib/systemd/systemd-networkd could not be executed and failed.
--
-- The error number returned by this process is ERRNO.
Aug 29 10:42:57 fedora30 systemd[1]: systemd-networkd.service: Main process exited, code=exited, status=226/NAMESPACE
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- An ExecStart= process belonging to unit systemd-networkd.service has exited.
--
-- The process' exit code is 'exited' and its exit status is 226.
Aug 29 10:42:57 fedora30 systemd[1]: systemd-networkd.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- The unit systemd-networkd.service has entered the 'failed' state with result 'exit-code'.
Aug 29 10:42:57 fedora30 systemd[1]: Failed to start Network Service.
-- Subject: A start job for unit systemd-networkd.service has failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- A start job for unit systemd-networkd.service has finished with a failure.
--
-- The job identifier is 417 and the job result is failed.
Aug 29 10:42:57 fedora30 systemd[1]: systemd-networkd.service: Service has no hold-off time (RestartSec=0), scheduling restart.
Aug 29 10:42:57 fedora30 systemd[1]: systemd-networkd.service: Scheduled restart job, restart counter is at 1.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Automatic restarting of the unit systemd-networkd.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.