[lxc-devel] [lxd/master] Network: Generates EUI64 IPv6 DNS record for OVN NICs when static IPv4 address is defined

Fri, 16 Oct 2020 07:30:24 -0700 

The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/8045

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Fixes an issue where if a static IPv4 address was set for a NIC using ipv4.address, as OVN does not allow a mixture of static and dynamic IPs on a port, this would prevent a dynamic IPv6 address from being added to the port, which in turn prevented a DNS name from being created. 

We now populate the logical port with a static EUI64 address if only static IPv4 addresses are set, and IPv6 is enabled on the bridge.

From c470380fd10673ee00dd9bf1e28371bf4e3fb2bb Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Fri, 16 Oct 2020 10:18:27 +0100
Subject: [PATCH 1/2] lxd/device/nic/ovn: Improved error messages

Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
 lxd/device/nic_ovn.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lxd/device/nic_ovn.go b/lxd/device/nic_ovn.go
index 766adbcdf0..091888ab60 100644
--- a/lxd/device/nic_ovn.go
+++ b/lxd/device/nic_ovn.go
@@ -300,7 +300,7 @@ func (d *nicOVN) Start() (*deviceConfig.RunConfig, error) {
 
                internalRoutes, err = network.SubnetParseAppend(internalRoutes, 
strings.Split(d.config[key], ",")...)
                if err != nil {
-                       return nil, errors.Wrapf(err, "Invalid %s", key)
+                       return nil, errors.Wrapf(err, "Invalid %q value", key)
                }
        }
 
@@ -312,7 +312,7 @@ func (d *nicOVN) Start() (*deviceConfig.RunConfig, error) {
 
                externalRoutes, err = network.SubnetParseAppend(externalRoutes, 
strings.Split(d.config[key], ",")...)
                if err != nil {
-                       return nil, errors.Wrapf(err, "Invalid %s", key)
+                       return nil, errors.Wrapf(err, "Invalid %q value", key)
                }
        }
 
@@ -439,7 +439,7 @@ func (d *nicOVN) Stop() (*deviceConfig.RunConfig, error) {
 
                internalRoutes, err = network.SubnetParseAppend(internalRoutes, 
strings.Split(d.config[key], ",")...)
                if err != nil {
-                       return nil, errors.Wrapf(err, "Invalid %s", key)
+                       return nil, errors.Wrapf(err, "Invalid %q value", key)
                }
        }
 
@@ -451,7 +451,7 @@ func (d *nicOVN) Stop() (*deviceConfig.RunConfig, error) {
 
                externalRoutes, err = network.SubnetParseAppend(externalRoutes, 
strings.Split(d.config[key], ",")...)
                if err != nil {
-                       return nil, errors.Wrapf(err, "Invalid %s", key)
+                       return nil, errors.Wrapf(err, "Invalid %q value", key)
                }
        }
 

From 1666e7465339f83f126960324849268e495a4c71 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Fri, 16 Oct 2020 14:32:48 +0100
Subject: [PATCH 2/2] lxd/network/driver/ovn: Generates static EUI64 IPv6
 address for instance switch ports in instanceDevicePortAdd

When only static IPv4 addresses have been added to a logical switch port.

This ensures that the switch port has an IPv6 address, as OVN has a limitation 
that prevents a port from being statically addressed for IPv4 and dynamically 
allocated for IPv6.

This in turn meant that if using the `ipv4.address` key without an associated 
`ipv6.address` key, then AAAA DNS record would not be created.

Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
 lxd/network/driver_ovn.go | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
index a6dc816a7a..47f1c0daf9 100644
--- a/lxd/network/driver_ovn.go
+++ b/lxd/network/driver_ovn.go
@@ -1873,6 +1873,30 @@ func (n *ovn) instanceDevicePortAdd(instanceID int, 
instanceName string, deviceN
                if err != nil {
                        return "", err
                }
+
+               // If port isn't going to have fully dynamic IPs allocated by 
OVN, and instead only static IPv4
+               // addresses have been added, then add an EUI64 static IPv6 
address so that the switch port has an
+               // IPv6 address that will be used to generate a DNS record. 
This works around a limitation in OVN
+               // that prevents us requesting dynamic IPv6 address allocation 
when static IPv4 allocation is used.
+               if len(ips) > 0 {
+                       hasIPv6 := false
+                       for _, ip := range ips {
+                               if ip.To4() == nil {
+                                       hasIPv6 = true
+                                       break
+                               }
+                       }
+
+                       if !hasIPv6 {
+                               eui64IP, err := 
eui64.ParseMAC(routerIntPortIPv6Net.IP, mac)
+                               if err != nil {
+                                       return "", errors.Wrapf(err, "Failed 
generating EUI64 for instance port %q", mac.String())
+                               }
+
+                               // Add EUI64 to list of static IPs for instance 
port.
+                               ips = append(ips, eui64IP)
+                       }
+               }
        }
 
        instancePortName := n.getInstanceDevicePortName(instanceID, deviceName)

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to