From 5c079f6a1427fe24e33c5b55bc0420e06aae2b4c Mon Sep 17 00:00:00 2001 From: Zac Mrowicki Date: Wed, 2 Mar 2022 18:58:33 +0000 Subject: [PATCH] release: Include a default .link file for network interfaces This change adds a default network configuration .link file that `systemd-udev` will use when configuring new interfaces. It contains the default list of policies that are used when naming interfaces, as well as the policy by which the MAC address should be set. Bottlerocket packages its own version of this file rather than the default from systemd for a few reasons. 1) Bottlerocket does not create/use a udev hwdb (we disable the option in systemd compile flags), so we remove this option from the NamePolicy list, 2) CNI plugins can be confused when MAC addresses change for virtual interfaces, so Bottlerocket sets the default MACAddress Policy to "none" which directs systemd not to attempt to manage the MAC. Hardware usually has a MAC, and veth devices used by CNI generally get a MAC generated by the plugin. Additional information about the MAC address issue: https://github.com/systemd/systemd/issues/3374#issuecomment-288882355 https://github.com/flatcar-linux/Flatcar/issues/278 https://github.com/flatcar-linux/init/pull/33 --- packages/release/80-release.link | 11 +++++++++++ packages/release/release.spec | 7 +++++++ 2 files changed, 18 insertions(+) create mode 100644 packages/release/80-release.link diff --git a/packages/release/80-release.link b/packages/release/80-release.link new file mode 100644 index 00000000000..4c364bd5d99 --- /dev/null +++ b/packages/release/80-release.link @@ -0,0 +1,11 @@ +[Match] +OriginalName=* + +[Link] +# Bottlerocket disables hwdb so don't include "database" in NamePolicy +NamePolicy=keep kernel onboard slot path +AlternativeNamesPolicy=onboard slot path + +# Applying a MAC address policy can confuse CNI plugins, which do +# not expect addresses to change for devices like veth pairs. +MACAddressPolicy=none diff --git a/packages/release/release.spec b/packages/release/release.spec index b637d54b76c..ccf04e336eb 100644 --- a/packages/release/release.spec +++ b/packages/release/release.spec @@ -60,6 +60,9 @@ Source1080: runtime.slice # Drop-in units to override defaults Source1100: systemd-tmpfiles-setup-service-debug.conf +# systemd-udevd default link +Source1200: 80-release.link + BuildArch: noarch Requires: %{_cross_os}acpid Requires: %{_cross_os}audit @@ -114,6 +117,9 @@ install -p -m 0644 %{S:97} %{buildroot}%{_cross_sysctldir}/80-release.conf install -d %{buildroot}%{_cross_libdir}/systemd/system.conf.d install -p -m 0644 %{S:98} %{buildroot}%{_cross_libdir}/systemd/system.conf.d/80-release.conf +install -d %{buildroot}%{_cross_libdir}/systemd/network +install -p -m 0644 %{S:1200} %{buildroot}%{_cross_libdir}/systemd/network/80-release.link + install -d %{buildroot}%{_cross_tmpfilesdir} install -p -m 0644 %{S:99} %{buildroot}%{_cross_tmpfilesdir}/release.conf @@ -172,6 +178,7 @@ ln -s preconfigured.target %{buildroot}%{_cross_unitdir}/default.target %dir %{_cross_libdir}/repart.d %{_cross_libdir}/repart.d/80-local.conf %{_cross_libdir}/systemd/system.conf.d/80-release.conf +%{_cross_libdir}/systemd/network/80-release.link %{_cross_unitdir}/configured.target %{_cross_unitdir}/preconfigured.target %{_cross_unitdir}/multi-user.target