I run Suricata in an LXC, and pass a physical interface directly into my container, which has been working great for a while now. I update PVE, reboot the server, and the container will no longer boot. Something odd has happened, but I don't understand it.
Here is my current LXC config:
```
arch: amd64
cpulimit: 4
cpuunits: 1024
hostname: ids
memory: 2048
net0: name=eth0,bridge=vmbr0,gw=172.16.1.254,hwaddr=F2:38:F2:9E:75:5C,ip=172.16.1.129/24,type=veth
onboot: 1
ostype: centos
rootfs: zfs_lxc:subvol-129-disk-1,size=20G
startup: up=2
swap: 1024
lxc.aa_profile: unconfined
lxc.network.type: phys
lxc.network.link: eth3
lxc.network.name: span0
lxc.network.flags: up
```
If I try to start, I get an error:
```
root@server:/etc/pve/lxc# lxc-start -n 129 -F
lxc-start: conf.c: instantiate_phys: 2778 failed to retrieve the index for eth3
lxc-start: conf.c: lxc_create_network: 2888 failed to create netdev
lxc-start: start.c: lxc_spawn: 1081 Failed to create the network.
lxc-start: start.c: __lxc_start: 1357 Failed to spawn container "129".
lxc-start: tools/lxc_start.c: main: 365 The container failed to start.
lxc-start: tools/lxc_start.c: main: 369 Additional information can be obtained by setting the --logfile and --logpriority options.
```
Interestingly, it looks like my system has somehow renamed eth3 to span0:
```
root@jormungandr:/etc/pve/lxc# ls /proc/sys/net/ipv4/conf/
all eth0 eth4 ovs-system tap134i0 veth103i0 veth106i0 veth109i0 veth112i0 veth115i0 veth118i0 veth121i0 veth124i0 veth128i0 veth163i0
bond0 eth1 eth5 span0 tap135i0 veth104i0 veth107i0 veth110i0 veth113i0 veth116i0 veth119i0 veth122i0 veth125i0 veth130i0 veth164i0
default eth2 lo tap101i0 tap137i0 veth105i0 veth108i0 veth111i0 veth114i0 veth117i0 veth120i0 veth123i0 veth127i0 veth162i0 vmbr0
```
But if I try updating `lxc.network.link` to `span0`, I get the exact same error about `failed to retrieve the index for eth3`.
Also interestingly, if I move the cat6 cable to the port for eth1, and update `lxc.network.link` to `eth1`, I still get the same error, `failed to retrieve the index for eth3`. The error ALWAYS complains about the index for eth3, regardless of what interfaces I specify in my config file. If I comment out the `lxc.network.*` sections, the container starts up just fine.
Did something change between 4.2 and 4.4 in regards to this?
pveversion:
```
root@server:/etc/pve/lxc# pveversion --verbose
proxmox-ve: 4.3-66 (running kernel: 4.4.19-1-pve)
pve-manager: 4.4-5 (running version: 4.4-5/c43015a5)
pve-kernel-4.4.6-1-pve: 4.4.6-48
pve-kernel-4.4.8-1-pve: 4.4.8-52
pve-kernel-4.4.19-1-pve: 4.4.19-66
lvm2: 2.02.116-pve3
corosync-pve: 2.4.0-1
libqb0: 1.0-1
pve-cluster: 4.0-48
qemu-server: 4.0-102
pve-firmware: 1.1-10
libpve-common-perl: 4.0-85
libpve-access-control: 4.0-19
libpve-storage-perl: 4.0-71
pve-libspice-server1: 0.12.8-1
vncterm: 1.2-1
pve-docs: 4.4-1
pve-qemu-kvm: 2.7.1-1
pve-container: 1.0-90
pve-firewall: 2.0-33
pve-ha-manager: 1.0-38
ksm-control-daemon: 1.2-1
glusterfs-client: 3.5.2-2+deb8u2
lxc-pve: 2.0.6-5
lxcfs: 2.0.5-pve2
criu: 1.6.0-1
novnc-pve: 0.5-8
smartmontools: 6.5+svn4324-1~pve80
zfsutils: 0.6.5.7-pve10~bpo80
openvswitch-switch: 2.6.0-2
```
Thanks!