Uploaded image for project: 'OpenVZ'
  1. OpenVZ
  2. OVZ-4521

[PATCH][PVE] debian-add_ip.sh script inserts /etc/interfaces.tail in wrong place

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: WONTFIX
    • Fix Version/s: OpenVZ-legacy
    • Component/s: Containers::Userspace
    • Security Level: Public
    • Environment:
      Operating System: Debian
      Platform: All

      Description

      Hi all,
      while testing Proxmox PVE I found misbehavior of /etc/vz/dists/scripts/debian-add_ip.sh . Putting post-up routing rules into /etc/interfaces.tail does not work. If i do it this way i get correct routing table but cannot ping any host in these networks. My attempts to fix this:

      1) I had to delete /etc/interfaces.tail and make additional init script
      which is started after all (including venet0:0, 0:1, etc) interfaces are
      up and running. This works fine, although i am not 100% satisfied with
      this solution, as it is not "native".

      2) I have noticed, that /etc/interfaces.tail is inserted somewhere in the middle of /etc/interfaces instead of at the end. It looks like /etc/vz/dists/scripts/debian-add_ip.sh around line 64, adds interfaces.tail, and after that /usr/lib/vzctl/scripts/vps_functions (or other scripts) adds venet0:0,0:1, etc. entries at end of /etc/interfaces.
          Following this trace, i have moved "tail" section in debian-add_ip.sh
      to add_ip() function. This attempt worked like a charm and now i am able
      to reach all networks automatically after start/reboot of guest. This fixes /etc/interfaces.tail to be added at the end of /etc/interfaces as it should be done.
          I was asked on PVE mailing list to report this as a bug to openvz bugzilla. I did not test or check other similar scripts for other distros. Anyone interested, please test patch supplied in attachment. It was generated with:
      # cd /etc/vz/dists/scripts
      # diff -Naur debian-add_ip.sh debian-add_ip.sh_modified_tail_behavior > debian-add_ip.sh_modified_tail_behavior.diff

      Procedure to make a backup and apply patch:
      1)copy .diff to your pve host (not guest) to /etc/vz/dists/scripts/
      2)ssh to your pve host
      3)# cd /etc/vz/dists/scripts/
      4)# patch -b < debian-add_ip.sh_modified_tail_behavior.diff

      P.S. I am not sure if I choose "component" field correctly while filling this bug report.
      1. debian-add_ip.sh_modified_tail_behavior.diff
        0.5 kB
        Patryk "LeadMan" Benderz
      2. debian-add-ip.diff
        0.6 kB
        Dietmar Maurer

        Issue Links

          Activity

          Hide
          dietmar@maurer-it.com Dietmar Maurer added a comment -

          Attachment debian-add-ip.diff has been added with description: Modifies /etc/vz/dists/scripts/debian-add_ip.sh script to add /etc/iinterfaces.tail properly

          Show
          dietmar@maurer-it.com Dietmar Maurer added a comment - Attachment debian-add-ip.diff has been added with description: Modifies /etc/vz/dists/scripts/debian-add_ip.sh script to add /etc/iinterfaces.tail properly
          Hide
          kir Kir Kolyshkin added a comment -

          I stared at the code for some time, here's what I figured out.

          In order for interfaces.tail to work as designed (i.e. always be inserted at the end of file) we need to recreate /etc/network/interfaces from scratch every time we add a new IP. The thing that we need to recreate it from scratch means we should know all the IP addresses a VE should have.

          This is incompatible with the current vzctl design/architecture:

          (1) When a container is running with some IP addresses and we use vzctl set $CTID --ipadd $ADDR, only $ADDR is passed to the add_ip script, not all addresses of this CT. This means we have to add the new IP incrementally, not rewrite the file completely.

          (2) When we add a new IP to /etc/network/interfaces, we add it to the end of file.

          So far I can only solve this by removing support for /etc/network/interfaces.tail since I can not make it work properly...

          Show
          kir Kir Kolyshkin added a comment - I stared at the code for some time, here's what I figured out. In order for interfaces.tail to work as designed (i.e. always be inserted at the end of file) we need to recreate /etc/network/interfaces from scratch every time we add a new IP. The thing that we need to recreate it from scratch means we should know all the IP addresses a VE should have. This is incompatible with the current vzctl design/architecture: (1) When a container is running with some IP addresses and we use vzctl set $CTID --ipadd $ADDR, only $ADDR is passed to the add_ip script, not all addresses of this CT. This means we have to add the new IP incrementally, not rewrite the file completely. (2) When we add a new IP to /etc/network/interfaces, we add it to the end of file. So far I can only solve this by removing support for /etc/network/interfaces.tail since I can not make it work properly...
          Hide
          dietmar@maurer-it.com Dietmar Maurer added a comment -

          OK, understand that now - thanks for the explaination.

          So I guess it is best to keep the current behaviour - better than nothing

          Show
          dietmar@maurer-it.com Dietmar Maurer added a comment - OK, understand that now - thanks for the explaination. So I guess it is best to keep the current behaviour - better than nothing
          Hide
          kir Kir Kolyshkin added a comment -

          (In reply to comment #6)

          > So far I can only solve this by removing support for
          > /etc/network/interfaces.tail since I can not make it work properly...

          Or let it stay but do not guarantee its contents will be at the end of file and/or updated when you add a new IP.

          Show
          kir Kir Kolyshkin added a comment - (In reply to comment #6) > So far I can only solve this by removing support for > /etc/network/interfaces.tail since I can not make it work properly... Or let it stay but do not guarantee its contents will be at the end of file and/or updated when you add a new IP.
          Hide
          kir Kir Kolyshkin added a comment -

          OK, then let it stay as is.

          Commit
          http://git.openvz.org/?p=vzctl;a=commit;h=0b36c57f39b85c411fc80e9dcb1d1f1399e98ef8
          adds a note that we can not guarantee having contents of interfaces.tail at the end of file.

          Closing as wontfix, reasons specified in comment #6.

          PS commit message contains some thoughts about how this could be solved properly, if one has the courage to do that. But it looks like the game is not worth the candle.

          Show
          kir Kir Kolyshkin added a comment - OK, then let it stay as is. Commit http://git.openvz.org/?p=vzctl;a=commit;h=0b36c57f39b85c411fc80e9dcb1d1f1399e98ef8 adds a note that we can not guarantee having contents of interfaces.tail at the end of file. Closing as wontfix, reasons specified in comment #6. PS commit message contains some thoughts about how this could be solved properly, if one has the courage to do that. But it looks like the game is not worth the candle.

            People

            • Assignee:
              kir Kir Kolyshkin
              Reporter:
              leadman@poczta.onet.pl Patryk "LeadMan" Benderz
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: