all lists on lists.proxmox.com
 help / color / mirror / Atom feed
From: Filip Schauer <f.schauer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH container v3 06/13] configure static IP in LXC config for custom entrypoint
Date: Wed,  9 Jul 2025 14:34:23 +0200	[thread overview]
Message-ID: <20250709123435.64796-7-f.schauer@proxmox.com> (raw)
In-Reply-To: <20250709123435.64796-1-f.schauer@proxmox.com>

When a container uses the default `/sbin/init` entrypoint, network
interface configuration is usually managed by processes within the
container. However, containers with a different entrypoint might not
have any internal network management process. Consequently, IP addresses
might not be assigned.

This change ensures that a static IP address is explicitly set in the
LXC config for the container.

Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
---
Changed since v2:
* rebase onto newest master (5a8b3f962f16) and re-format with
  proxmox-perltidy
* add an "ipmanagehost" property to pct.conf to control whether network
  interface IP configuration should be handled by the host.

 src/PVE/API2/LXC.pm   |  4 ++++
 src/PVE/LXC.pm        | 15 +++++++++++++++
 src/PVE/LXC/Config.pm | 14 ++++++++++++++
 3 files changed, 33 insertions(+)

diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index c3d0037..096dfb8 100644
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -587,6 +587,10 @@ __PACKAGE__->register_method({
                                 # An entrypoint other than /sbin/init breaks the tty console mode.
                                 # This is fixed by setting cmode: console
                                 $conf->{cmode} = 'console';
+
+                                # Manage the IP configuration for the container. A container with a
+                                # custom entrypoint likely lacks internal network management.
+                                $conf->{ipmanagehost} = 1;
                             }
                         }
 
diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index 37ff8e1..7c9caf6 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -835,6 +835,21 @@ sub update_lxc_config {
         if ($lxc_major >= 4) {
             $raw .= "lxc.net.$ind.script.up = /usr/share/lxc/lxcnetaddbr\n";
         }
+
+        if ((!defined($d->{link_down}) || $d->{link_down} != 1) && $conf->{ipmanagehost}) {
+            if (defined($d->{ip})) {
+                die "$k: DHCP is not supported with a custom entrypoint\n" if $d->{ip} eq 'dhcp';
+                $raw .= "lxc.net.$ind.ipv4.address = $d->{ip}\n" if $d->{ip} ne 'manual';
+            }
+            $raw .= "lxc.net.$ind.ipv4.gateway = $d->{gw}\n" if defined($d->{gw});
+            if (defined($d->{ip6})) {
+                die "$k: DHCPv6 and SLAAC are not supported with a custom entrypoint\n"
+                    if $d->{ip6} =~ /^(auto|dhcp)$/;
+                $raw .= "lxc.net.$ind.ipv6.address = $d->{ip6}\n" if $d->{ip6} ne 'manual';
+            }
+            $raw .= "lxc.net.$ind.ipv6.gateway = $d->{gw6}\n" if defined($d->{gw6});
+            $raw .= "lxc.net.$ind.flags = up\n";
+        }
     }
 
     my $had_cpuset = 0;
diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index fb370cf..c2f56e4 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -594,6 +594,12 @@ my $confdesc = {
             . " This is saved as comment inside the configuration file.",
         maxLength => 1024 * 8,
     },
+    ipmanagehost => {
+        type => 'boolean',
+        description =>
+            "Whether this interface's IP configuration should be managed by the host.",
+        optional => 1,
+    },
     searchdomain => {
         optional => 1,
         type => 'string',
@@ -1284,6 +1290,14 @@ sub update_pct_config {
                 die "$opt: MTU size '$mtu' is bigger than bridge MTU '$bridge_mtu'\n"
                     if ($mtu > $bridge_mtu);
             }
+
+            if ((!defined($res->{link_down}) || $res->{link_down} != 1) && $conf->{ipmanagehost}) {
+                die "$opt: DHCP is not supported with a custom entrypoint\n"
+                    if defined($res->{ip}) && $res->{ip} eq 'dhcp';
+
+                die "$opt: DHCPv6 and SLAAC are not supported with a custom entrypoint\n"
+                    if defined($res->{ip6}) && $res->{ip6} =~ /^(auto|dhcp)$/;
+            }
         } elsif ($opt =~ m/^dev(\d+)$/) {
             my $device = $class->parse_device($value);
 
-- 
2.47.2



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


  parent reply	other threads:[~2025-07-09 12:35 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-07-09 12:34 [pve-devel] [PATCH container/docs/lxcfs/manager/proxmox{, -perl-rs}/storage v3 00/13] support OCI images as container templates Filip Schauer
2025-07-09 12:34 ` [pve-devel] [PATCH proxmox v3 01/13] io: introduce RangeReader for bounded reads Filip Schauer
2025-07-10  6:04   ` Thomas Lamprecht
2025-07-09 12:34 ` [pve-devel] [PATCH proxmox v3 02/13] add proxmox-oci crate Filip Schauer
2025-07-10  8:46   ` Wolfgang Bumiller
2025-07-09 12:34 ` [pve-devel] [PATCH proxmox-perl-rs v3 03/13] add Perl mapping for OCI container image parser/extractor Filip Schauer
2025-07-10 10:39   ` Wolfgang Bumiller
2025-07-09 12:34 ` [pve-devel] [PATCH container v3 04/13] add support for OCI images as container templates Filip Schauer
2025-07-10 10:31   ` Wolfgang Bumiller
2025-07-09 12:34 ` [pve-devel] [PATCH container v3 05/13] config: add entrypoint parameter Filip Schauer
2025-07-09 12:34 ` Filip Schauer [this message]
2025-07-09 12:34 ` [pve-devel] [PATCH container v3 07/13] setup: debian: create /etc/network path if missing Filip Schauer
2025-07-09 12:34 ` [pve-devel] [PATCH container v3 08/13] setup: recursively mkdir /etc/systemd/{network, system-preset} Filip Schauer
2025-07-09 12:34 ` [pve-devel] [PATCH container v3 09/13] manage DHCP for containers with custom entrypoint Filip Schauer
2025-07-09 13:41   ` Filip Schauer
2025-07-10 10:34   ` Wolfgang Bumiller
2025-07-09 12:34 ` [pve-devel] [PATCH lxcfs v3 10/13] lxc.mount.hook: override env variables from container config Filip Schauer
2025-07-10  9:30   ` Wolfgang Bumiller
2025-07-09 12:34 ` [pve-devel] [PATCH storage v3 11/13] allow .tar container templates Filip Schauer
2025-07-09 12:34 ` [pve-devel] [PATCH manager v3 12/13] ui: storage upload: accept *.tar files as vztmpl Filip Schauer
2025-07-09 12:34 ` [pve-devel] [PATCH docs v3 13/13] ct: add OCI image docs Filip Schauer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250709123435.64796-7-f.schauer@proxmox.com \
    --to=f.schauer@proxmox.com \
    --cc=pve-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal