../src/src/lxc/network.c:lxc_network_move_created_netdev_priv:3549 - Invalid argument - Failed to move network device "lxdbr2" with ifindex 74 to network namespace 146397 and rename to phys3tezeR

I am trying to bridge lxd directly to my physical router, using the extra ethernet port on my machine. It’s connected to my mikrotik, in which I’ve disconnected the port from its bridge and assigned its own IPv6 subnet with advertise on.

I created a bridge in NetworkManager and added the eno2 interface to it. I also deleted the existing “Wired connection 2” config so it wouldn’t interfere.

I added it to LXD with the command: lxc network create lxdbr2 parent=lxdbr2 -t physical. Then I made it default and deleted lxdbr0.

But when I try to launch a container, this happens:

root@server:~# lxc launch ubuntu:22.04 test
Creating test
Starting test
Error: Failed to run: /snap/lxd/current/bin/lxd forkstart test /var/snap/lxd/common/lxd/containers /var/snap/lxd/common/lxd/logs/test/lxc.conf: exit status 1
Try `lxc info --show-log local:test` for more info
root@server:~# lxc info --show-log local:test
Name: test
Status: STOPPED
Type: container
Architecture: x86_64
Created: 2023/06/28 14:46 PDT
Last Used: 2023/06/28 14:46 PDT

Log:

lxc test 20230628214650.379 WARN     conf - ../src/src/lxc/conf.c:lxc_map_ids:3621 - newuidmap binary is missing
lxc test 20230628214650.379 WARN     conf - ../src/src/lxc/conf.c:lxc_map_ids:3627 - newgidmap binary is missing
lxc test 20230628214650.380 WARN     conf - ../src/src/lxc/conf.c:lxc_map_ids:3621 - newuidmap binary is missing
lxc test 20230628214650.380 WARN     conf - ../src/src/lxc/conf.c:lxc_map_ids:3627 - newgidmap binary is missing
lxc test 20230628214650.388 ERROR    network - ../src/src/lxc/network.c:lxc_network_move_created_netdev_priv:3549 - Invalid argument - Failed to move network device "lxdbr2" with ifindex 74 to network namespace 146397 and rename to phys3tezeR
lxc test 20230628214650.388 ERROR    start - ../src/src/lxc/start.c:lxc_spawn:1840 - Failed to create the network
lxc test 20230628214650.395 ERROR    lxccontainer - ../src/src/lxc/lxccontainer.c:wait_on_daemonized_start:878 - Received container state "ABORTING" instead of "RUNNING"
lxc test 20230628214650.396 ERROR    start - ../src/src/lxc/start.c:__lxc_start:2107 - Failed to spawn container "test"
lxc test 20230628214650.396 WARN     start - ../src/src/lxc/start.c:lxc_abort:1036 - No such process - Failed to send SIGKILL via pidfd 17 for process 146397
lxc 20230628214650.492 ERROR    af_unix - ../src/src/lxc/af_unix.c:lxc_abstract_unix_recv_fds_iov:218 - Connection reset by peer - Failed to receive response
lxc 20230628214650.492 ERROR    commands - ../src/src/lxc/commands.c:lxc_cmd_rsp_recv_fds:128 - Failed to receive file descriptors for command "get_init_pid"

Is there a bug or am I doing something wrong?

Following some article on the internet, I got it working by not adding it as a managed interface but just to the profile.

But according to the docs, LXD should be able to manage this interface? Any reason to though? idk…

It's funny a similar issue should come up so close together.

See Error attempting to attach LXD VM NIC to host's physical network interface - #2 by tomp for a full explanation.

But basically the idea of adding support for using a physical network with a physical NIC was for consistency rather than being useful in most common scenarios.

When using a physical NIC (Linux Containers - LXD - Has been moved to Canonical) the actual host interface is moved into the instance so it no longer appears on the host.

This means that when using a physical network for an instance, it can only be used with a single running instance at a time. This may be useful in certain niche circumstances.

But when we were discussing this with @ru-fu we did add some notes to the physical NIC documentation (Linux Containers - LXD - Has been moved to Canonical):

A physical NIC provides straight physical device pass-through from the host. The targeted device will vanish from the host and appear in the instance (which means that you can have only one physical NIC for each targeted device).
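
A pre-flight check for the situation in this thread, added here as an example and not taken from the thread or from LXD: it reads sysfs to see whether the intended parent is a bridge (like lxdbr2 above) or a plain interface, and prints the matching NIC device command. The SYSFS_NET override, the function names and the eth0 device name are assumptions of this example.

```shell
#!/bin/sh
# Added example: pick the LXD NIC type from what the host interface actually is.
# SYSFS_NET can be overridden to point at a constructed tree (assumption of this example).
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Prints "bridge", "port" (enslaved to a bridge), "plain" or "missing".
iface_kind() {
    dev="$SYSFS_NET/$1"
    if [ ! -e "$dev" ]; then echo missing
    elif [ -d "$dev/bridge" ]; then echo bridge   # bridge devices expose a bridge/ directory
    elif [ -e "$dev/brport" ]; then echo port     # bridge members expose brport/
    else echo plain
    fi
}

# Prints the lxc command that fits the interface; returns 1 when none does.
suggest_nic() {
    iface="$1"; profile="${2:-default}"
    case "$(iface_kind "$iface")" in
        bridge)
            # A bridge stays on the host and instances attach to it, which is
            # the profile-only setup that worked for the original poster.
            echo "lxc profile device add $profile eth0 nic nictype=bridged parent=$iface" ;;
        plain)
            # Pass-through: the device vanishes from the host, so only one
            # running instance can use it at a time.
            echo "lxc profile device add $profile eth0 nic nictype=physical parent=$iface" ;;
        port)
            echo "$iface is a bridge port; attach instances to its bridge instead" >&2
            return 1 ;;
        *)
            echo "$iface not found" >&2
            return 1 ;;
    esac
}
```

Run `suggest_nic lxdbr2` on the host before creating the device; the function only prints the command and changes nothing itself.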