Allow announcing extra routes through DHCPv4 #1734
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
gwenya
force-pushed
the
dhcp-static-routes
branch
4 times, most recently
from
024cd42 to
67a8054
Compare
|
something is wrong with the tests I wrote but I can't figure out how to run them locally to properly figure out the issue :/ |
|
I think it can probably just be |
That's fine, we don't pay for the Github runners ;) Just push some debug commits to dump the network config, instance config, full output of the routing table in the container, ... It may be as simple as the tiny busybox image on the Ubuntu 22.04 runners not supporting option 121. |
gwenya
force-pushed
the
dhcp-static-routes
branch
from
fdb4a59 to
c8dc273
Compare
|
I think we might not be running a dhcp4 client (or server?) at all in the tests, is that possible? I just did a run with default settings, and not only does the machine not have an ipv4 on its eth0, The only other test that looks at the leases is network.sh, and that one only tests static leases. I'm not sure if and how it is possible to test this in the github runners, and right now I'm having trouble testing it on my laptop because any bridge networks I create don't get dhcp at all for some reason (works fine on ovn though, so probably a dnsmasq issue) |
|
oh wait nvm the issue with my bridges locally is just firewall >.< |
|
looking into |
|
I now have the tests with bridge network passing. OCI get skipped because offline mode, and OVN isn't available on the test runners so I made them skip if the ovn network creation fails (I think we don't have a way of detecting if OVN is available). |
gwenya
force-pushed
the
dhcp-static-routes
branch
6 times, most recently
from
a29a1b3 to
85917ee
Compare
|
I think this probably needs an API extension as well, should I just add one? |
gwenya
force-pushed
the
dhcp-static-routes
branch
from
85917ee to
722a2d4
Compare
|
I think there is still a bug with the ovn networks, it seems these routes now override the route to the uplink dns server, and I'm gonna have to dig a bit deeper to figure out what is going on there, and why we are routing the uplink DNS in the first place. Edit: nvm, we can ignore the route because it is caught by the default route anyways, and it's just added by some dhcp clients for some reason rather than actively being sent. I'm still trying to figure out why the uplink DNS server is used rather than the OVN one though. |
gwenya
force-pushed
the
dhcp-static-routes
branch
from
722a2d4 to
fddbb2d
Compare
stgraber
force-pushed
the
dhcp-static-routes
branch
from
fddbb2d to
c2e945f
Compare
stgraber
force-pushed
the
dhcp-static-routes
branch
from
c2e945f to
c17870e
Compare
stgraber
changed the title
stgraber
approved these changes
Mar 10, 2025
Signed-off-by: Stéphane Graber <[email protected]>
Signed-off-by: Gwendolyn <[email protected]>
Signed-off-by: Gwendolyn <[email protected]>
Signed-off-by: Gwendolyn <[email protected]>
… dhcp client Signed-off-by: Gwendolyn <[email protected]>
Signed-off-by: Gwendolyn <[email protected]>
Signed-off-by: Gwendolyn <[email protected]>
Signed-off-by: Stéphane Graber <[email protected]>
stgraber
force-pushed
the
dhcp-static-routes
branch
from
625626e to
e2516a0
Compare
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Mar 31, 2025
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [lxc/incus](https://github.com/lxc/incus) | minor | `v6.10.1` -> `v6.11.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>lxc/incus (lxc/incus)</summary> ### [`v6.11.0`](https://github.com/lxc/incus/releases/tag/v6.11.0): Incus 6.11 [Compare Source](lxc/incus@v6.10.1...v6.11.0) ### Announcement https://discuss.linuxcontainers.org/t/incus-6-11-has-been-released/23322 #### What's Changed - Allow ICMP and low ports for unprivileged users in OCI containers by [@​gwenya](https://github.com/gwenya) in lxc/incus#1706 - doc: Clarify virtiofsd requirements by [@​stgraber](https://github.com/stgraber) in lxc/incus#1718 - Fix generate-database usage for incusd/db by [@​breml](https://github.com/breml) in lxc/incus#1719 - Do not allow mounting of custom block volume snapshots by [@​presztak](https://github.com/presztak) in lxc/incus#1720 - generate-database: Abstract db connection / db transaction by [@​breml](https://github.com/breml) in lxc/incus#1721 - Fix snapshot size handling in cross-pool copy/move by [@​presztak](https://github.com/presztak) in lxc/incus#1717 - generate-database: Accept interface in PrepareStmts by [@​breml](https://github.com/breml) in lxc/incus#1725 - Simplify `evaluateShorthandFilter` by reducing nesting levels by [@​presztak](https://github.com/presztak) in lxc/incus#1727 - incusd/storage: Don't use sparse writer on thick LVM by [@​stgraber](https://github.com/stgraber) in lxc/incus#1729 - generate-database: Add support for marshal to JSON by [@​breml](https://github.com/breml) in lxc/incus#1731 - Fixed incus edk2 path overwrite issue by [@​nanjj](https://github.com/nanjj) in lxc/incus#1726 - Do not download instance types if cache loadable by [@​nanjj](https://github.com/nanjj) in lxc/incus#1732 - Clarify security.secureboot setting by [@​gwenya](https://github.com/gwenya) in lxc/incus#1740 - Fix DNS for isolated OVN networks by [@​gwenya](https://github.com/gwenya) in lxc/incus#1738 - Allow announcing extra routes through DHCPv4 by [@​gwenya](https://github.com/gwenya) in lxc/incus#1734 - Fix link parsing failure on non-ethernet devices by [@​stgraber](https://github.com/stgraber) in lxc/incus#1742 - Fix revert on OCI container creation failure by [@​gwenya](https://github.com/gwenya) in lxc/incus#1744 - generate-database: Handle non tx DB connections by [@​breml](https://github.com/breml) in lxc/incus#1745 - incus file edit extension by [@​gwenya](https://github.com/gwenya) in lxc/incus#1746 - Cleanup internal API endpoints by [@​stgraber](https://github.com/stgraber) in lxc/incus#1747 - Tweak help message for rebuild by [@​stgraber](https://github.com/stgraber) in lxc/incus#1754 - Use lego binary for DNS-01 challenge by [@​accuser](https://github.com/accuser) in lxc/incus#1753 - incusd/storage/zfs: Fix ZFS CreateVolume deletes pre-existing data on failure by [@​mrstux](https://github.com/mrstux) in lxc/incus#1749 - incus/file: Always use 1MB chunks for SFTP by [@​stgraber](https://github.com/stgraber) in lxc/incus#1758 - Use the correct path for ingesting DNS-01 challenge certificate outputs by [@​accuser](https://github.com/accuser) in lxc/incus#1759 - incusd/bgp: Rework start/stop logic by [@​stgraber](https://github.com/stgraber) in lxc/incus#1761 - incusd/network/ovn: Skip existing static routes by [@​stgraber](https://github.com/stgraber) in lxc/incus#1762 - incusd/instance/qemu: Set caching-mode with intel-iommu by [@​stgraber](https://github.com/stgraber) in lxc/incus#1772 - incus-agent: Improve SFTP performance by [@​stgraber](https://github.com/stgraber) in lxc/incus#1773 - incusd/network/ovn: Keep getting router name when network none by [@​diegofernandes](https://github.com/diegofernandes) in lxc/incus#1771 - make `incus copy --device xx,type=none` drop remaining device properties by [@​schnoddelbotz](https://github.com/schnoddelbotz) in lxc/incus#1764 - incusd/instance/qemu: rtc base localtime for windows by [@​nanjj](https://github.com/nanjj) in lxc/incus#1767 - Add option to configure DNS server for bridge and OVN networks by [@​gwenya](https://github.com/gwenya) in lxc/incus#1739 - Use lego binary for http 01 challenge by [@​accuser](https://github.com/accuser) in lxc/incus#1770 - Handle live migration between QEMU versions by [@​stgraber](https://github.com/stgraber) in lxc/incus#1775 - incusd/instance/qemu: Skip to link nvram to itself by [@​nanjj](https://github.com/nanjj) in lxc/incus#1760 - Switch to new MAC address prefix by [@​stgraber](https://github.com/stgraber) in lxc/incus#1776 - client: Fix spelling errors found by codespell by [@​cjwatson](https://github.com/cjwatson) in lxc/incus#1777 - Add ipv4.dhcp.expiry option for ovn networks by [@​gwenya](https://github.com/gwenya) in lxc/incus#1781 - Configure DHCP on existing instance interfaces when it is enabled on a network by [@​gwenya](https://github.com/gwenya) in lxc/incus#1780 - incusd/instance/edk2: Select SecureBoot capable firmware on Debian by [@​stgraber](https://github.com/stgraber) in lxc/incus#1782 - Fix some `go vet` warnings by [@​stgraber](https://github.com/stgraber) in lxc/incus#1784 - Clear gofumpt by [@​stgraber](https://github.com/stgraber) in lxc/incus#1803 - Fix some BGP issues by [@​stgraber](https://github.com/stgraber) in lxc/incus#1805 - incusd/instance/qemu: bad pid check by [@​nanjj](https://github.com/nanjj) in lxc/incus#1806 - Fix spelling errors and run codespell automatically by [@​cjwatson](https://github.com/cjwatson) in lxc/incus#1778 - incus/file: Properly handle relative source paths by [@​stgraber](https://github.com/stgraber) in lxc/incus#1809 - cmd/storage: incorrect CLI syntax in storage pool creation examples by [@​ViniRodrig](https://github.com/ViniRodrig) in lxc/incus#1810 - Improve DB performance by [@​stgraber](https://github.com/stgraber) in lxc/incus#1811 - incusd/network/ovn: Fix default DNS IPv4 server by [@​stgraber](https://github.com/stgraber) in lxc/incus#1812 - Extend OS detection logic by [@​stgraber](https://github.com/stgraber) in lxc/incus#1813 - Add allocated CPU time to instance state by [@​bensmrs](https://github.com/bensmrs) in lxc/incus#1807 - incusd/certificates: Properly handle bad PEM data by [@​stgraber](https://github.com/stgraber) in lxc/incus#1816 - Extra `generate-database` features by [@​masnax](https://github.com/masnax) in lxc/incus#1817 - incusd/network/common: Handle missing BGP peer by [@​stgraber](https://github.com/stgraber) in lxc/incus#1818 - incusd/cluster/evacuate: Don't live-migrate stopped instances by [@​stgraber](https://github.com/stgraber) in lxc/incus#1819 - Fix generator table pluralization by [@​masnax](https://github.com/masnax) in lxc/incus#1823 - incusd/instance/qemu enable s4 by default by [@​nanjj](https://github.com/nanjj) in lxc/incus#1820 - Add support for USB NICs by [@​bensmrs](https://github.com/bensmrs) in lxc/incus#1814 - incusd/storage/s3 Fixed minio client mc too ambious issue by [@​nanjj](https://github.com/nanjj) in lxc/incus#1821 - incusd/networks: Validate configuration on join too by [@​stgraber](https://github.com/stgraber) in lxc/incus#1824 - Update gomod for go-jwt vulnerability by [@​stgraber](https://github.com/stgraber) in lxc/incus#1825 - cmd/generate-database/db: Fix GetNames spacing by [@​masnax](https://github.com/masnax) in lxc/incus#1826 - github: Rework issue templates by [@​stgraber](https://github.com/stgraber) in lxc/incus#1827 - Update Debian installation documentation by [@​gibmat](https://github.com/gibmat) in lxc/incus#1830 - Extend minio client naming by [@​gibmat](https://github.com/gibmat) in lxc/incus#1829 - Various fixes from address set MR by [@​stgraber](https://github.com/stgraber) in lxc/incus#1831 - incusd/instance/lxc: Cleanup OCI mount paths by [@​stgraber](https://github.com/stgraber) in lxc/incus#1834 - Add `io.bus=usb` for disks by [@​bensmrs](https://github.com/bensmrs) in lxc/incus#1835 - golangci: Upgrade to version 2 by [@​stgraber](https://github.com/stgraber) in lxc/incus#1836 - golangci: Disable STI005 error checks by [@​stgraber](https://github.com/stgraber) in lxc/incus#1841 - Standalone changes from the Linstor branch by [@​stgraber](https://github.com/stgraber) in lxc/incus#1842 - incusd/storage/s3 minio client check enhancement by [@​nanjj](https://github.com/nanjj) in lxc/incus#1839 - incusd/network/ovn: Remove internal routes to forward/load-balancers by [@​stgraber](https://github.com/stgraber) in lxc/incus#1843 - incusd/instance/edk2: Always prefer the EDK2 override by [@​stgraber](https://github.com/stgraber) in lxc/incus#1847 - Fixes from Linstor branch by [@​stgraber](https://github.com/stgraber) in lxc/incus#1846 - Add `linstor` storage driver by [@​luissimas](https://github.com/luissimas) in lxc/incus#1621 - Add `linstor.remove_snapshots` config option by [@​luissimas](https://github.com/luissimas) in lxc/incus#1848 - doc/support: Update feature release version by [@​bensmrs](https://github.com/bensmrs) in lxc/incus#1853 - incusd/instance: Don't enforce device/config validation on snapshots by [@​stgraber](https://github.com/stgraber) in lxc/incus#1854 - OCI entrypoint configuration by [@​gwenya](https://github.com/gwenya) in lxc/incus#1845 #### New Contributors - [@​mrstux](https://github.com/mrstux) made their first contribution in lxc/incus#1749 - [@​diegofernandes](https://github.com/diegofernandes) made their first contribution in lxc/incus#1771 - [@​schnoddelbotz](https://github.com/schnoddelbotz) made their first contribution in lxc/incus#1764 - [@​cjwatson](https://github.com/cjwatson) made their first contribution in lxc/incus#1777 - [@​ViniRodrig](https://github.com/ViniRodrig) made their first contribution in lxc/incus#1810 - [@​masnax](https://github.com/masnax) made their first contribution in lxc/incus#1817 **Full Changelog**: lxc/incus@v6.10.1...v6.11.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMTguMSIsInVwZGF0ZWRJblZlciI6IjM5LjIxOC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a new option
ipv4.dhcp.static-routesfor both bridge and ovn networks. The value of the option is directly passed through to dnsmasq and ovsdb respectively, to be used as DHCP option 121.