From: Serge Hallyn <serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
To: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
"Stéphane Graber"
<stephane.graber-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>,
"Daniel Lezcano" <dlezcano-GANU6spQydw@public.gmane.org>,
lxc-users-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org,
"Dan Kegel" <dank-XdDNpL9cdsoAvxtiuMwx3w@public.gmane.org>
Subject: Re: uevent when moving nic between network namespaces?
Date: Fri, 12 Oct 2012 14:18:28 -0500 [thread overview]
Message-ID: <20121012191828.GA12200@sergelap> (raw)
In-Reply-To: <871uh4pdzd.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
Quoting Eric W. Biederman (ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org):
> Serge Hallyn <serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> writes:
>
> > Hi,
> >
> > Dan Kegel (cc:d) found an interesting nuisance relating to upstart
> > and network interfaces with lxc containers. In particular, when you
> > start a container, two veths are created. A uevent for their creation
> > is sent, and so a 'network-interface' upstart job is created for each.
> > One of the veths is passed into the container. When the container
> > shuts down, the veth in the init-net-ns gets a net-device-removed
> > uevent, so the network-interface upstart job goes away. But the veth
> > in the container doesn't cause a net-device-removed upstart uevent
> > to be sent. So its network-interface upstart job sticks around.
> >
> > The details are at:
> >
> > https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1065589
> >
> > I notice that when simply renaming a netdev (sudo ip link set veth1 name
> > veth2) then udevadm monitor shows:
> >
> > KERNEL[17945.234850] move /devices/virtual/net/veth2 (net)
> > UDEV [17945.235758] move /devices/virtual/net/veth2 (net)
> >
> > but when I do 'sudo ip link set veth2 netns 27689' then 'udevadm
> > monitor' shows nothing.
> >
> > When I do
> >
> > sudo ip link set veth1 netns 32296
> > (in process 32296) sudo ip link set veth1 name veth2
> >
> > then, again udevadm monitor shows nothing.
> >
> > So the question is, should the kernel be sending uevents for
> > net-device-removed and then net-device-added when a nic is moved
> > between network namespaces? Or should lxc just fake that?
>
> To the best of my memory I wired up those events, and they should be
> delivered. Now they uevents will only be delivered in the relevant
> network namespace.
>
> Hmm. But the relevant code in the kernel is device_rename, and it
> happens after we switch the network namespace on the device.
>
> Which probably means that in practice only the new network namespace is
> seeing uevents.
>
> Grr.
Ah, indeed. A few more experiments show that:
1. 'sudo ip link add type veth' on the host ends up with some kernel
messages, namely
KERNEL[389.393581] add /devices/virtual/net/veth1/queues/rx-0 (queues)
KERNEL[389.394953] add /devices/virtual/net/veth1/queues/tx-0 (queues)
sent to all namespaces - though the
UDEV [389.405255] add /devices/virtual/net/veth1 (net)
only gets sent to the initial namespace.
2. Then when I 'sudo ip link set veth1 netns <pid-in-container>', I get
KERNEL[405.041296] move /devices/virtual/net/veth2 (net)
only in the container's namespace - exactly as you said above should
happen.
Eric, are you working on a patch for this? Should we just explicitly
add a remove uevent before doing the transition, or is it more
complicated than that?
thanks,
-serge
next prev parent reply other threads:[~2012-10-12 19:18 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-12 3:13 uevent when moving nic between network namespaces? Serge Hallyn
2012-10-12 3:26 ` Eric W. Biederman
[not found] ` <871uh4pdzd.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-10-12 19:18 ` Serge Hallyn [this message]
2012-10-12 19:38 ` Eric W. Biederman
[not found] ` <87sj9jmqew.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-10-12 21:56 ` Serge Hallyn
2012-10-12 22:08 ` Eric W. Biederman
[not found] ` <87bog7mjhm.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-10-12 22:17 ` Serge Hallyn
2012-10-12 22:29 ` Eric W. Biederman
[not found] ` <87626fmihz.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-10-13 5:17 ` Serge Hallyn
2012-10-13 5:27 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121012191828.GA12200@sergelap \
--to=serge.hallyn-z7wlfzj8ewms+fvcfc7uqw@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=dank-XdDNpL9cdsoAvxtiuMwx3w@public.gmane.org \
--cc=dlezcano-GANU6spQydw@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=lxc-users-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
--cc=stephane.graber-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox