debian: fixup networking.service #68
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
…ddons scripts (fixes CumulusNetworks#49) Today when ifupdown2 execute addons scripts we use the global environment dictionary (os.environ) and not a copy of this dict. This corrupts the environment. May 10 08:07:02 kvmformation1 networking[375279]: debug: vmbr101: pre-up : running script /etc/network/if-pre-up.d/openvswitch {'LANG': 'en_US.UTF-8', 'ADDRFAM': '', 'IFACE': 'vmbr101', 'JOURNAL_STREAM': '9:29498964', 'SHLVL': '1', 'LOGICAL': 'vmbr101', 'PWD': '/', 'MODE': 'start', '**IF_TESTVARIABLE2**': 'test', 'PHASE': 'pre-up', 'PATH': '/sbin:/bin', 'METHOD': '', '_': '/sbin/ifreload', 'INVOCATION_ID': '5ffcea837bc64759bd0c171b70e22cc2'} May 10 08:07:02 kvmformation1 networking[375279]: debug: vmbr100: pre-up : running script /etc/network/if-pre-up.d/openvswitch {'LANG': 'en_US.UTF-8', 'ADDRFAM': '', '**IF_OVS_TYPE**': 'OVSBridge', 'IFACE': 'vmbr100', 'JOURNAL_STREAM': '9:29498964', 'SHLVL': '1', 'LOGICAL': 'vmbr100', 'PWD': '/', 'MODE': 'start', '**IF_TESTVARIABLE2**': 'test', 'PHASE': 'pre-up', 'PATH': '/sbin:/bin', 'METHOD': '', '_': '/sbin/ifreload', 'INVOCATION_ID': '5ffcea837bc64759bd0c171b70e22cc2'} May 10 08:07:02 kvmformation1 networking[375279]: debug: eno1: pre-up : running script /etc/network/if-pre-up.d/openvswitch {'LANG': 'en_US.UTF-8', 'ADDRFAM': '', '**IF_OVS_TYPE**': 'OVSBridge', 'IFACE': 'eno1', 'JOURNAL_STREAM': '9:29498964', 'SHLVL': '1', 'LOGICAL': 'eno1', 'PWD': '/', 'MODE': 'start', '**IF_TESTVARIABLE2**': 'test', '**IF_TESTVARIABLE1**': 'test', 'PHASE': 'pre-up', 'PATH': '/sbin:/bin', 'METHOD': '', '_': '/sbin/ifreload', 'INVOCATION_ID': '5ffcea837bc64759bd0c171b70e22cc2'} May 10 08:07:02 kvmformation1 networking[375279]: debug: eno1.100: pre-up : running script /etc/network/if-pre-up.d/openvswitch {'LANG': 'en_US.UTF-8', 'ADDRFAM': '', '**IF_OVS_TYPE**': 'OVSBridge', 'IFACE': 'eno1.100', 'JOURNAL_STREAM': '9:29498964', 'SHLVL': '1', 'IF_NETMASK': '255.255.255.0', 'IF_ADDRESS': '10.59.100.231', 'LOGICAL': 'eno1.100', 'IF_GATEWAY': '10.59.100.1', 'PWD': '/', 'MODE': 'start', '**IF_TESTVARIABLE2**': 'test', 'IF_TESTVARIABLE1': 'test', 'PHASE': 'pre-up', 'PATH': '/sbin:/bin', 'METHOD': '', '_': '/sbin/ifreload', 'INVOCATION_ID': '5ffcea837bc64759bd0c171b70e22cc2'}
…e : (fixes CumulusNetworks#47) this has been upstreamed recently in linux kernel, with IFLA_BRPORT_NEIGH_SUPPRESS, with 32 as netlink value. https://www.spinics.net/lists/linux-ethernet-bridging/msg06910.html Cumulus is using a temp 152 number in his own kernel. This is needed for bgp evpn and anycast gateway. auto vmbr3 iface vmbr3 bridge_ports vxlan3 bridge_stp off bridge_fd 0 auto vxlan3 iface vxlan3 inet manual vxlan-id 3 vxlan-local-tunnelip 10.59.100.231 bridge-learning off bridge-arp-nd-suppress on info: reading '/sys/class/net/vmbr3/bridge/stp_state' debug: vmbr3: evaluating port expr '['vxlan3']' debug: _cache_get(['vxlan3', 'hwaddress']) : ['hwaddress'] debug: reading '/sys/class/net/vxlan3/address' info: writing '1' to file /proc/sys/net/ipv6/conf/vxlan3/disable_ipv6 info: executing /bin/ip -force -batch - [link set dev vxlan3 master vmbr3 addr flush dev vxlan3 ] info: vmbr3: applying bridge port configuration: ['vxlan3'] info: vmbr3: vxlan3: set bridge-learning off debug: (cache None) info: vmbr3: vxlan3: set bridge-arp-nd-suppress on debug: (cache None) info: vmbr3: vxlan3: vxlan learning and bridge learning out of sync: set False info: vxlan3: netlink: ip link set dev vxlan3: bridge slave attributes debug: vxlan3: ifla_info_data {7: False} debug: vxlan3: ifla_info_slave_data {8: False, 152: True}
master-next fixes
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
auto bridge
iface bridge
bridge-vlan-aware yes
bridge-ports swp2
auto bridge.2
iface bridge.2
address 10.254.1.2/24
address 2a03:25e0:254:1::2/64
address-virtual 00:00:5e:00:01:01 10.254.1.1/24 2a03:25e0:254:1::1/64 fe80::1/64
vrf blue
auto blue
iface blue
vrf-table auto
$ ifreload -a -v
...
info: executing /bin/ip route get 10.254.1.0/24 vrf blue
...
$
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
…ble) Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com> Reviewed-by: David Ahern <dsa@cumulusnetworks.com> Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
backporting the following commit to master-next: commit eb92e5e Author: Maximilian Wilhelm <max@rfc2324.org> Date: Thu Oct 6 19:22:06 2016 +0200 Add support for setting phys-dev for VXLAN interfaces. Add interface configuration option »vxlan-physdev« to set »dev« attribute of VXLAN interfaces and a check for the running configuration. Signed-off-by: Maximilian Wilhelm <max@rfc2324.org> This backport also: - adds support for ifquery --running - uses the netlink cache - includes some pep8 fixes Signed-off-by: Julien Fortin <julien@cumulusnetworks.com> Signed-off-by: Maximilian Wilhelm <max@rfc2324.org> Co-authored-by: Julien Fortin <julien@cumulusnetworks.com> Co-authored-by: Maximilian Wilhelm <max@rfc2324.org>
[14:49:15] root:~ # ifquery swp2
auto swp2
iface swp2
[14:49:18] root:~ # ip addr show swp2
4: swp2: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 90:e2:ba:2c:b2:95 brd ff:ff:ff:ff:ff:ff
[14:49:20] root:~ # ifup swp2
[14:49:23] root:~ # ip addr show swp2
4: swp2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 90:e2:ba:2c:b2:95 brd ff:ff:ff:ff:ff:ff
inet6 fe80::92e2:baff:fe2c:b295/64 scope link
valid_lft forever preferred_lft forever
[14:49:25] root:~ #
[14:49:32] root:~ # nano /etc/network/interfaces
[14:49:34] root:~ # ifquery swp2
auto swp2
iface swp2
ipv6-addrgen off
[14:49:41] root:~ # ifup -v swp2 |& grep addrgen
link set dev swp2 addrgenmode none
[14:49:57] root:~ # ip addr show swp2
4: swp2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 90:e2:ba:2c:b2:95 brd ff:ff:ff:ff:ff:ff
[14:50:01] root:~ #
[14:50:09] root:~ #
[14:50:09] root:~ # ifup -v swp2
info: executing /bin/ip -force -batch - [link set dev swp2 down
link set dev swp2 addrgenmode none
link set dev swp2 up
]
info: reading '/proc/sys/net/ipv4/conf/swp2/accept_local'
[14:50:13] root:~ #
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
…on|off]
[14:53:46] root:~ # ifquery -a
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto vlan1903
iface vlan1903
alias LAB-CUST-VMS
vlan-id 1903
vlan-raw-device bridge
address 2a06:c01:1:1903::3/64
address 185.98.123.3/24
address-virtual 00:00:5e:00:01:a3 2a06:c01:1:1903::1/64 fe80::1/64 185.98.123.1/24
vrf public
auto public
iface public
vrf-table auto
auto bridge
iface bridge
bridge-ports swp1
[14:53:47] root:~ # ifup -a
[14:53:50] root:~ # ip addr show vlan1903-v0
46: vlan1903-v0@vlan1903: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master public state UP group default
link/ether 00:00:5e:00:01:a3 brd ff:ff:ff:ff:ff:ff
inet 185.98.123.1/24 scope global vlan1903-v0
valid_lft forever preferred_lft forever
inet6 2a06:c01:1:1903::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::200:5eff:fe00:1a3/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::1/64 scope link
valid_lft forever preferred_lft forever
[14:53:52] root:~ #
[14:53:54] root:~ #
[14:53:54] root:~ # nano /etc/network/interfaces
[14:53:57] root:~ # ifquery vlan1903
auto vlan1903
iface vlan1903
alias LAB-CUST-VMS
vlan-id 1903
vlan-raw-device bridge
address 2a06:c01:1:1903::3/64
address 185.98.123.3/24
address-virtual 00:00:5e:00:01:a3 2a06:c01:1:1903::1/64 fe80::1/64 185.98.123.1/24
address-virtual-ipv6-addrgen off
vrf public
[14:54:05] root:~ # ifdown -a -X eth0
[14:54:08] root:~ # ifup -a -v
...
...
info: executing /bin/ip -force -batch - [link set dev vlan1903-v0 master public
link set dev vlan1903-v0 addrgenmode none
link set dev vlan1903-v0 down
link set dev vlan1903-v0 address 00:00:5e:00:01:a3
link set dev vlan1903-v0 up
addr add 2a06:c01:1:1903::1/64 dev vlan1903-v0
addr add fe80::1/64 dev vlan1903-v0
addr add 185.98.123.1/24 dev vlan1903-v0
route del 2a06:c01:1:1903::/64 table 1001 dev vlan1903-v0
route del fe80::/64 table 1001 dev vlan1903-v0
route add 2a06:c01:1:1903::/64 table 1001 dev vlan1903-v0 proto kernel metric 9999
route add fe80::/64 table 1001 dev vlan1903-v0 proto kernel metric 9999
]
...
...
[14:54:14] root:~ # ip addr show vlan1903-v0
50: vlan1903-v0@vlan1903: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master public state UP group default
link/ether 00:00:5e:00:01:a3 brd ff:ff:ff:ff:ff:ff
inet 185.98.123.1/24 scope global vlan1903-v0
valid_lft forever preferred_lft forever
inet6 2a06:c01:1:1903::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::1/64 scope link
valid_lft forever preferred_lft forever
[14:54:16] root:~ #
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
… hack Now that some system support ip addr METRIC sets we dont have to do this "fix_connected_route" hack. The hack was previously introduced to make sure the primary address was the first in the routing table. Some events could cause some issues like having the macvlan address first in the routing table. In that case the macvlan needs to be flapped. This shouldn't happen when we are able to set the address metric Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
…ples typo: missing 'n' in the example field Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
…ware bridge (closes CumulusNetworks#58) In linux its possible to assign an ip address to a vlan-aware bridge For some use cases is it useful to restrict users from configuring ips on bridges VA. This patch will let admins and distributions decide if it is necessary to warn the user in such case. The patch introduces a new configuration variable in: /etc/network/ifudpown2/ifupdown2.conf vlan_aware_bridge_address_support: yes|no|on|off|0|1 (default to yes) [8:30:41] root:~ # cat /etc/network/ifupdown2/ifupdown2.conf | grep "vlan_aware_bridge_address_support" [8:30:43] root:~ # ifquery bridge auto bridge iface bridge bridge-ports swp1 bridge-vlan-aware yes address 10.10.10.10 [8:30:46] root:~ # ifup bridge --syntax-check [8:30:52] root:~ # echo $? 0 [8:30:54] root:~ # echo "vlan_aware_bridge_address_support=no" >> /etc/network/ifupdown2/ifupdown2.conf [8:31:11] root:~ # ifup bridge --syntax-check warning: bridge: ignoring ip address. Assigning an IP address is not allowed on bridge vlan aware interfaces [8:31:14] root:~ # echo $? 1 [8:31:17] root:~ # [8:31:20] root:~ # ifup -a [8:31:22] root:~ # echo $? 0 [8:31:25] root:~ # ifquery bridge -c auto bridge iface bridge [fail] bridge-vlan-aware yes [pass] bridge-ports swp1 [pass] address 10.10.10.10 [fail] [8:31:29] root:~ # ifdown bridge && ifup bridge -v |& grep "bridge vlan aware interfaces" info: bridge: ignoring ip address. Assigning an IP address is not allowed on bridge vlan aware interfaces [8:31:57] root:~ # Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com> Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
closes CumulusNetworks#48) ifupdown changed its original behavior on "manual" address method: https://salsa.debian.org/debian/ifupdown/commit/12d333d619013914aae7deafe45fb6191ff2fb2c ifupdown2 needs to change it's behavior too. Reported-by: Alexandre Derumier <aderumier@odiso.com> Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com> Co-authored-by: Alexandre Derumier <aderumier@odiso.com> Co-authored-by: Julien Fortin <julien@cumulusnetworks.com> Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com> Reviewed-by: Sam Tannous <stannous@cumulusnetworks.com> Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
$ ifquery -a
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
vrf mgmt
link-down yes
auto mgmt
iface mgmt
vrf-table auto
$ ifup -a -d
...
...
debug: mgmt: pre-up : running module vrf
info: executing /usr/lib/vrf/vrf-helper create mgmt 1001
debug: mgmt: eth0: slave configured with link-down yes
info: mgmt: netlink: ip link set dev mgmt up
...
$ ip link show eth0
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master mgmt state DOWN mode DEFAULT group default qlen 1000
link/ether 08:00:27:80:e2:97 brd ff:ff:ff:ff:ff:ff
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
…n vlan-aware bridge (closes CumulusNetworks#58)" This reverts commit 3d06493.
…_support" closes CumulusNetworks#58 In linux its possible to assign a vlan-aware bridge an ip address For some use cases is it useful to restrict users from configuring ips on bridges VA. This patch will let admins and distributions decide if it is necessary to warn the user in such case. The patch introduces a new 'address' policy: vlan_aware_bridge_address_support: yes|no|on|off|0|1 (default to yes) [16:46:09] root:~ # cat /var/lib/ifupdown2/policy.d/address.json { "address": { "module_globals": { "enable_l3_iface_forwarding_checks": "yes" }, "defaults": { "mtu": "1500", "ip-forward": "on", "ip6-forward": "on" } } } [16:46:16] root:~ # ifquery -a auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp auto bridge iface bridge bridge-ports swp1 bridge-vlan-aware yes address 10.10.10.10/32 [16:46:20] root:~ # ifup -a --syntax-check [16:46:22] root:~ # echo $? 0 [16:46:33] root:~ # nano /var/lib/ifupdown2/policy.d/address.json [16:46:47] root:~ # cat /var/lib/ifupdown2/policy.d/address.json { "address": { "module_globals": { "enable_l3_iface_forwarding_checks": "yes", "vlan_aware_bridge_address_support": "no" }, "defaults": { "mtu": "1500", "ip-forward": "on", "ip6-forward": "on" } } } [16:46:48] root:~ # ifup -a --syntax-check warning: bridge: ignoring ip address. Assigning an IP address is not allowed on bridge vlan aware interfaces [16:46:51] root:~ # echo $? 1 [16:46:52] root:~ # Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com> Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
This commit adds support for configuring GRE/IPIP/SIT tunnel interfaces as know
from previous versions of ifupdown. Currently only configuration checks for GRE
and SIT tunnels are implemented.
A tunnel interface configuration could look like this:
auto gre42
iface gre42 inet tunnel
mode gre
local 198.51.100.1
endpoint 203.0.113.2
#
# optional tunnel attributes
ttl 64
mtu 1400
tunnel-physdev eth0
#
address 192.0.2.42/31
address 2001:db8:d0c:23::42/64
auto he-ipv6
iface he-ipv6 inet tunnel
mode sit
endpoint 203.0.113.6
local 198.51.100.66
#
# optional tunnel attributes
ttl 255
mtu 1466
tunnel-physdev vrf_external
#
address 2001:db8:666::2/64
Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
This commit adds support to configure and check gretap tunnels. An example
configuration could look like this:
iface tap0 inet tunnel
mode gretap
local 10.132.255.3
endpoint 10.132.255.1
ttl 64
mtu 1400
tunnel-physdev eth0
#
address 10.10.0.1/2
ifup will happily configure the interface (which it does even without this
patch) and ifquery now can successfully validate the configure interface:
cr03.in.ffho.net:~# ifquery -c tap0
iface tap0 inet tunnel [[ OK ]]
tunnel-physdev eth0 [[ OK ]]
endpoint 10.132.255.1 [[ OK ]]
local 10.132.255.3 [[ OK ]]
mode gretap [[ OK ]]
ttl 64 [[ OK ]]
mtu 1400 [[ OK ]]
address 10.10.0.1/24 [[ OK ]]
Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
…metric (default: yes)
Ifupdown2 is now setting a default metric on macvlan ips. This policy will let
users disable this new default behavior. addressvirtual_with_route_metric is
boolean policy variable.
addressvirtual_with_route_metric: yes|no|on|off|1|0 (default to yes)
$ cat /var/lib/ifupdown2/policy.d/addressvirtual.json
{
"addressvirtual": {
"module_globals": {
"addressvirtual_with_route_metric": "no"
}
}
}
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
This commit fixes the tunnel addon for the new master-next branch.
This commits fixes AttributeMACAddress for GREv6.
Error message: info: netlink: link dump failed: Length of MACAddress attribute not supported: 20
Reproducible by adding a GREv6 Tunnel:
auto gre1
iface gre1 inet tunnel
mode ip6gre
local 2001:1000:1000:1000::123
endpoint 2001:1000:1000:2000::123
address 192.168.123.1/29
In netlink The IFLA_ADDRESS and IFLA_BROADCAST attributes for all interfaces has been a
6-byte MAC address. But the GRE interface uses a 4-byte IP address and GREv6 uses a 16-byte IPv6 address for this
attribute. This patch allows for decoding a 16-byte value as an IP address.
addons: tunnel: Add support for master-next
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
this commit adds some explanation/comments in the decode function of the AttributeMACAddress class. Some comments are moved around and placed in the right location. Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
netlink: nlpacket AttributeMACAddress: add support for 16-bytes ip6 for GREv6 interfaces
This commit fixes the ppp addon for the new master-next branch.
addons: ppp: Add support for master-next
New addon to create/configure ppp interfaces Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
$ ifquery -a
auto bridge
iface bridge
bridge-vlan-aware yes
bridge-ports swp1
auto bridge.2
iface bridge.2
address-virtual 01:01:01:02:02:02 1.10.10.10/32
$ ifup -a
error: bridge.2: Multicast bit is set in the virtual mac address '01:01:01:02:02:02'
$ echo $?
1
$
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
[18:43:47] root:~ # ip link show swp3
5: swp3: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
link/ether 08:00:27:bc:04:3c brd ff:ff:ff:ff:ff:ff
[18:43:48] root:~ #
[18:43:49] root:~ #
[18:43:50] root:~ # cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto swp3
iface swp3
bridge-vlan-aware yes
[18:43:50] root:~ #
[18:43:51] root:~ #
[18:43:51] root:~ # ifup -a
warning: swp3: error getting dependent interfaces (misconfiguration of bridge attribute(s) on existing non-bridge interface (swp3))
[18:43:56] root:~ # echo $?
1
[18:43:58] root:~ #
Reviewed-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Julien Fortin <julien@cumulusnetworks.com>
|
In debian jessie, the systemd package provides the file: After=network-pre.target systemd-sysctl.service systemd-modules-load.service Which is why they weren't in networking.service itself. In stretch (and presumably other distros that have newer systemd versions) that systemd file is no longer present, so it makes sense to add the After= lines to networking.service. On the Before including network-online.target, rather than Wanted-By, my understanding (which is not perfect) is that Wanted-By is what's really wanted to set things up correctly, so that looks good. I think leaving basic.target rather than multi-user.target makes sense, because that way the many services that implicitly depend on networking being available don't have to explicitly list it, they can just be after basic.target (the way many of the older init.d scripts were written). I feel moderately strongly about that. I agree that with DefaultDependencies=no, shutdown.target should be listed. |
|
Sticking to I didn't actually check jessie btw. but since the snippet is equivalent it should be compatible. As for the Given that, we might want to add a If that sounds right I'd update the PR with s/multi-user/basic/ and adding the |
|
Wolfgang Bumiller <notifications@github.com> wrote:
Sticking to basic.target is fine with me.
I didn't actually check jessie btw. but since the snippet is equivalent it
should be compatible.
Yes.
As for the Before=network-online.target - because I confused myself yet again
while reading your reply - I think systemd-networkd.service is a good
reference, however, the network-online.target is split out into a
systemd-networkd-wait-online.service (which never likes my setups btw ;-)).
This one has network-online.target in both Before and WantedBy.
The thing that always bugs me with these target are the special cases:
network.target is special as in it works backwards: systemd.special(7) says
network.target is a "passive" unit: i.e. pulled in by the provider of the
functionality, rather than the consumer. Iow. you can use ordering (eg. After=
network.target), but a Wants= or Requires= is used to mean you "provide" the
target - I'm actually unsure what that entails for when you make network.target
itself Wants=networking.service
(iow when we used WantedBy=network.target).
Given that, we might want to add a Wants=network.target so that we "properly"
provide it as confirming to systemd.special(7)'s special handling -
systemd-networkd does the same btw.
If that sounds right I'd update the PR with s/multi-user/basic/ and adding the
Wants=network.target.
Sounds like a good thing to do.
In most jessie systems (including Cumulus Linux), network.target isn't
reliable (isn't ever reached), and systemd detects that, and so ignores
any dependency on it. We switched everything that matters to depend on
network-online.target, which is what most things really want, anyway.
Your idea might fix it (although I think I tried that at one point, and
it didn't help). It certainly isn't "wrong".
Thanks for working on this.
Dave Olson
olson@cumulusnetworks.com
|
Add the following explicitly which used to be in a snippet
in jessie but not in stretch:
After=network-pre.target systemd-sysctl.service
After=systemd-modules-load.service
Add missing ordering:
Before=network.target
Before=network-online.target
Add missing "special" dependency:
Wants=network.target
See systemd.special(7) description of network-online.target
for the exact reason for why we "depend" on network.target)
Install into network-online.target rather than
network.target and drop WantedBy=shutown.target
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
julienfortin
force-pushed
the
master-next
branch
from
bab609f to
2229ca6
Compare
|
So I suppose I need to recreate my 2 PRs - should they now be against master or still master-next? |
|
@Blub sorry I missed your comment... The PR should be against master. Thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
After having an issue where after installing ifupdown2 a service suddenly listened on a different address after booting and would be fixed by restarting it. Comparing ifupdown2's
networking.servicefile revealed some differences to that of ifupdown which I've gone through:Add missing ordering:
After=network-pre.target
See systemd.special(7)'s description of this target
After=systemd-sysctl.service
ifupdown does the same - we want net..conf.default.
sysctl keys to apply to newly created interfaces
After=systemd-modules-load.service
ifupdown does the same, though this should be mostly
optional as modules should be autoloaded anyway
Before=network.target
This is required to prevent services which require
network to be started too early and listen on wrong
addresses (iow. only on loopback or ipv4-only).
Before=network-online.target
See systemd.special(7)'s description. We are the
provider of this target.
Before=shutdown.target
ifupdown does it this way, it also makes more sense
given the Conflict entry, compared to the previous
WantedBy entry in [Install]
Changed install section:
WantedBy=multi-user.target
I wasn't sure about this. ifupdown does this.
basic.target didn't seem useful since we actually want:
WantedBy=network-online.target
We provide this, so we should be installed into it.
removed WantedBy=network.target
We strictly want to be ordered before this and instead
are required by multi-user.target already.
removed WantedBy=shutdown.target
I didn't see the point.
Signed-off-by: Wolfgang Bumiller w.bumiller@proxmox.com