Always create containers with fixed MAC addresses

Patch I0d83fd4895d4c5beaf5a84a239c1a1ed71521dee dropped the ARP=yes
option for networkd because it's not supported by old systemd releases.
This however brings back a problem where the default sysctl
arp_notify option in the kernel may not be correctly set for our use case.
Containers are created with random MAC addresses so we need to ensure
that ARP entries are populated correctly when a container is restarted.
Instead of having to implement some sort of a new workaround on the host,
it's probably better to create all containers with fixed MAC addresses from
now on.

Change-Id: I8ad390fc3ce27756f26c57c92aaa3adc8e506a17
Markos Chandras 2018-03-06 16:57:49 +00:00
parent 5896c16b9f
commit 49309c4a92
5 changed files with 5 additions and 18 deletions


@ -154,9 +154,6 @@ lxc_container_networks:
interface: eth0 interface: eth0
type: veth type: veth
# Enable fixed mac address generation for an lxc container
lxc_container_fixed_mac: false
# Enable destroying then recreating containers # Enable destroying then recreating containers
lxc_container_recreate: false lxc_container_recreate: false


@ -0,0 +1,5 @@
---
deprecations:
- |
The `lxc_container_fixed_mac` option has been removed and containers will
be created with static mac addresses.


@ -102,8 +102,6 @@
mode: "0755" mode: "0755"
delegate_to: "{{ physical_host }}" delegate_to: "{{ physical_host }}"
with_dict: "{{ lxc_container_networks_combined }}" with_dict: "{{ lxc_container_networks_combined }}"
when:
- lxc_container_fixed_mac | bool
- name: Set define static mac address from an existing interface - name: Set define static mac address from an existing interface
command: "/openstack/{{ inventory_hostname }}/{{ item.value.interface }}_mac_generation.sh" command: "/openstack/{{ inventory_hostname }}/{{ item.value.interface }}_mac_generation.sh"
@ -111,8 +109,6 @@
creates: "/var/lib/lxc/{{ inventory_hostname }}/{{ item.value.interface }}.hwaddr" creates: "/var/lib/lxc/{{ inventory_hostname }}/{{ item.value.interface }}.hwaddr"
delegate_to: "{{ physical_host }}" delegate_to: "{{ physical_host }}"
with_dict: "{{ lxc_container_networks_combined }}" with_dict: "{{ lxc_container_networks_combined }}"
when:
- lxc_container_fixed_mac | bool
- name: Gather hardware addresses to be used as facts - name: Gather hardware addresses to be used as facts
slurp: slurp:
@ -121,8 +117,6 @@
register: macs register: macs
with_dict: "{{ lxc_container_networks_combined }}" with_dict: "{{ lxc_container_networks_combined }}"
delegate_to: "{{ physical_host }}" delegate_to: "{{ physical_host }}"
when:
- lxc_container_fixed_mac | bool
# NOTE(cloudnull): To dynamically set the the mac address "facts" Ansible line # NOTE(cloudnull): To dynamically set the the mac address "facts" Ansible line
# format is being used # format is being used
@ -130,8 +124,6 @@
set_fact: "{{item.item.value.interface }}_mac_address={{ item.content | b64decode }}" set_fact: "{{item.item.value.interface }}_mac_address={{ item.content | b64decode }}"
with_items: with_items:
- "{{ macs.results }}" - "{{ macs.results }}"
when:
- lxc_container_fixed_mac | bool
- name: LXC host config for container networks - name: LXC host config for container networks
template: template:
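Review bot: With the `when: lxc_container_fixed_mac | bool` guards removed, the `set_fact` task in the last hunk now always copies the slurped `.hwaddr` file content into `<interface>_mac_address`, and nothing visible checks that the content is a single well-formed MAC address. Both the key=value `set_fact` line and the template's `lxc.network.hwaddr = ...` line take the decoded value verbatim, so an empty file, a trailing newline or extra lines would presumably flow into the fact and from there into every container's config. I would trim the value and fail early before the "LXC host config for container networks" task, for example with an `assert` whose condition is `(item.content | b64decode | trim) is match('^([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}$')`. The task file continues outside the visible hunks, so a check that already exists elsewhere cannot be ruled out.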


@ -13,11 +13,7 @@ lxc.network.veth.pair = {{ lxc_container_network_veth_pair[-15:] }}
# Host link to attach to, this should be a bridge if lxc.network.type = veth # Host link to attach to, this should be a bridge if lxc.network.type = veth
lxc.network.link = {{ item.value.bridge }} lxc.network.link = {{ item.value.bridge }}
# Hardware Address # Hardware Address
{% if lxc_container_fixed_mac | bool %}
lxc.network.hwaddr = {{ hostvars[inventory_hostname][item.value.interface + '_mac_address'] }} lxc.network.hwaddr = {{ hostvars[inventory_hostname][item.value.interface + '_mac_address'] }}
{% else %}
lxc.network.hwaddr = 00:16:3e:xx:xx:xx
{% endif %}
# enable the device on boot # enable the device on boot
lxc.network.flags = up lxc.network.flags = up
# Set the container network MTU # Set the container network MTU


@ -5,6 +5,3 @@ ansible_user: root
lxc_container_config_list: lxc_container_config_list:
# The unconfined profile is causing problems with overlayfs. See https://bugs.launchpad.net/openstack-ansible/+bug/1612412 # The unconfined profile is causing problems with overlayfs. See https://bugs.launchpad.net/openstack-ansible/+bug/1612412
- "lxc.aa_profile={{ (lxc_container_backing_store == 'overlayfs') | ternary('lxc-openstack', 'unconfined') }}" - "lxc.aa_profile={{ (lxc_container_backing_store == 'overlayfs') | ternary('lxc-openstack', 'unconfined') }}"
# TEST FOR FIXED MAC ADDRESS
lxc_container_fixed_mac: true