-
-
Notifications
You must be signed in to change notification settings - Fork 13.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/vswitches : Fix vswitch-netdev.service going down just after startup #34586
Conversation
After some more testing, it seems this patch might not be enough to definitely fix the issue. I have done some more testing by adding a good old |
How do other distributions handle this? I am familiar with network configuration, but I have little experience with |
Maybe we have to switch to |
My understanding is that the After some more testing and reflexion, I have the following remarks on dependencies configured :
Regardless of the issue mentioned in this PR, I think we should refactor the following dependencies like so:
Because:
We should maybe to the same analysis for other services (e.g. bridges). For the original issue, I have tested adding The problem seems to be random, sometimes occurring when manually restarting the service, more frequently on reboots (but not consistently failing across reboots). This leads me to think that there is some kind of race condition, because the Maybe we should ask @tstrobel ("Thomas Strobel ts468@cam.ac.uk") who made the commits to the vswitchd, for more information ? |
Regarding this issue, and in respect with issue #34851, I think I might resubmit a full PR with updates and new features, because upgrading the openvswitch package may change implementation details. |
…artup The service has a 'BindsTo' Dependency to sys-subsystem-vsiwtch.device which causes the service to stop immediately after startup because the add-br commands make the device flap somehow. This patch moves creation of the device to 'ExecStartPre=' phase of the service, where 'BindsTo' does not apply (tested, bu could not find docs about this). See NixOS#34336 for details
0000a92
to
254bd16
Compare
Closed since I opened the more complete #35127 |
Originnaly, the need was to fix NixOS#34336 and add features in NixOS#34851. With remarks from @volth, openvswitch was upgraded to the latest stable version (currenty 2.9.2). This remove ovs-monitor-ipsec commands. LTS version is still available using `config.virtualisation.vswitch.package = pkgs.openvswitch-lts` Systemd dependencies for scripted mode were refactored according to analysis in NixOS#34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the `networking.interfaces` template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch
Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
Systemd dependencies for scripted mode were refactored according to analysis in NixOS#34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR NixOS#35127.
Systemd dependencies for scripted mode were refactored according to analysis in #34586. networking.vswitches can now be used with systemd-networkd, although they are not supported by the daemon, a nixos receipe creates the switch and attached required interfaces (just like the scripted version). Vlans and internal interfaces are implemented following the template format i.e. each interface is described using an attributeSet (vlan and type at the moment). If vlan is present, then interface is added to the vswitch with given tag (access mode). Type internal enabled vswitch to create interfaces (see openvswitch docs). Added configuration for configuring supported openFlow version on the vswitch This commit is a split from the original PR #35127.
The service has a 'BindsTo' Dependency to sys-subsystem-vsiwtch.device
which causes the service to stop immediately after startup because the
add-br commands make the device flap somehow.
This patch moves creation of the device to 'ExecStartPre=' phase of the
service, where 'BindsTo' does not apply (tested, bu could not find docs
about this).
See #34336 for details
Motivation for this change
Configuring
networking.vswitches
did not work before.Also, as we remove the device in postStop, it makes sense to create it in preStart.
Things done
Tested in the virtualbox VM (see related issue for logs and details).
build-use-sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)