Skip to content
This repository has been archived by the owner on May 1, 2024. It is now read-only.

Commit

Permalink
Ensured lxdock can work with IPv6 only containers
Browse files Browse the repository at this point in the history
  • Loading branch information
Morgan Aubert committed May 31, 2017
1 parent 67c125b commit 8e51302
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 8 deletions.
6 changes: 3 additions & 3 deletions lxdock/container.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
from .exceptions import ContainerOperationFailed
from .guests import Guest
from .hosts import Host
from .network import EtcHosts, get_ipv4_ip
from .network import EtcHosts, get_ip
from .provisioners import Provisioner
from .utils.identifier import folderid

Expand Down Expand Up @@ -365,7 +365,7 @@ def _setup_hostnames(self, ip):

def _setup_ip(self):
""" Setup the IP address of the considered container. """
ip = get_ipv4_ip(self._container)
ip = get_ip(self._container)
if not ip:
logger.info('No IP yet, waiting for at most 10 seconds...')
ip = self._wait_for_ipv4_ip()
Expand Down Expand Up @@ -443,7 +443,7 @@ def _wait_for_ipv4_ip(self, seconds=10):
""" Waits some time before trying to get the IP of the container and returning it. """
for i in range(seconds):
time.sleep(1)
ip = get_ipv4_ip(self._container)
ip = get_ip(self._container)
if ip:
return ip
return ''
Expand Down
9 changes: 6 additions & 3 deletions lxdock/network.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,16 +4,19 @@
import tempfile


def get_ipv4_ip(container):
def get_ip(container):
""" Returns the IP adress of a specific container. """
state = container.state()
if state.network is None: # container is not running
return ''
eth0 = state.network['eth0']
ipv4, ipv6 = '', ''
for addr in eth0['addresses']:
if addr['family'] == 'inet':
return addr['address']
return ''
ipv4 = addr['address']
elif addr['family'] == 'inet6' and 'global' in addr['scope']:
ipv6 = addr['address']
return ipv4 or ipv6


RE_ETCHOST_LINE = re.compile(r'^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s+([\w\-_.]+)$')
Expand Down
4 changes: 2 additions & 2 deletions lxdock/provisioners/ansible.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

from voluptuous import IsFile, Required

from ..network import get_ipv4_ip
from ..network import get_ip

from .base import Provisioner

Expand Down Expand Up @@ -33,7 +33,7 @@ class AnsibleProvisioner(Provisioner):

def provision(self):
""" Performs the provisioning operations using ansible-playbook. """
ip = get_ipv4_ip(self.guest.lxd_container)
ip = get_ip(self.guest.lxd_container)
with tempfile.NamedTemporaryFile() as tmpinv:
tmpinv.write('{} ansible_user=root'.format(ip).encode('ascii'))
tmpinv.flush()
Expand Down

5 comments on commit 8e51302

@ellmetha
Copy link
Contributor

@ellmetha ellmetha commented on 8e51302 May 31, 2017
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hsoft The function just returns the IP associated with a container, so I don't see why this change could introduce a regression (the IPv4 address is still returned with a priority over the IPv6 address). If the container is offline the function still returns the correct IP.

@ellmetha
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean by "offline"? I'm not sure to see your point here.

@ellmetha
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've made some tests using LXD with a bridge configured for IPv6 only. I wasn't able to properly use LXDock with this configuration because it was looking for IPv4 addresses only. This is why I introduced this little change. At least this allows you to have simple LXDock projects working. eg:

name: myproject

containers:
  - name: test01
    image: ubuntu/xenial

  - name: test02
    image: archlinux

That said problems can appear because the tools used by LXD don't automatically add entries for the IPv6 gateway in the /etc/resolv.conf file. This is the only thing that can cause problem with provisioning because DNS resolutions won't work in the containers. The first step was to fix this get_ip function. The second step will be to figure out why the nameserver entry is not added when the bridge used by the container is IPv6 only.

@ellmetha
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As you can see in the commit, the IPv4 address will be returned with a priority over a potential IPv6 address. IPv4 / IPv6 addresses are fetched from the eth0 iface (which is a limited behaviour, but this is another problem). So there is no possible scenario where the IPv6 address would be used by LXDock if the considered container has both an IPv4 address and an IPv6 address.

I don't think that adding an option to force containers to use IPv6 would be the way to go. The rationale behind this is that a project should work the same way if the LXD bridge is configured for IPv4 only, IPv6 only or IPv4+IPv6. LXDock shouldn't make too much assumptions regarding the configuration of LXD if this is not necessary. In the present case, my feeling is that this is not necessary.

@ellmetha
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If LXD is configured to use a bridge supporting both IPv4 and IPv6, the containers will end up having IPv4 and IPv6 addresses. I'm not sure how to try to produce the glitch you're presenting. Are we tabling on a bug of LXD that would start containers without having both IPv4 / IPv6 addresses at the same time?

In any case, we are debating assumptions here. I propose that we try to reproduce the glitch you're talking about - and then fix the function if this is applicable. When you say "after a lot of lxdock up", are you thinking of a scenario of the form:

  1. the container doesn't exist yet
  2. lxdock up
  3. lxdock halt
  4. lxdock up
  5. lxdock halt
  6. lxdock up
  7. ...

???

Please sign in to comment.