site  contact  subhomenews

NetworkManager 1.14.4 and container bug fixed

November 17, 2018 — BarryK

EasyOS testers have reported that after running an application in a container, say SeaMonkey, the Internet disconnects. Yes, exiting from the containerized-SeaMonkey (the "www" icon in top-middle of the screen), closes-down the container, and this terminates the instance of the 'dhcpcd' daemon that serviced that container, which empties file /etc/resolv.conf ...which kills the Internet.

/usr/local/easy_containers/ec-chroot is the container startup script, and it had this line in it:

       ip netns exec ${IFcont}ns dhcpcd -b ${IFcont} #-b background immediately

Where IFcont="www1" in the case of the www container. In a nutshell, what this does is run 'dhcpcd -b www1' in the network-namespace (www1ns) of the container, where "www1" is the name of the network interface.

What I did not think about, is dhcpcd also executes scripts in /lib/dhcpcd/dhcpcd-hooks, one of which writes to /etc/resolv.conf. When that instance of dhcpcd is killed, it again writes to /etc/resolv.conf, emptying it -- which removes the nameserver information. Hence, the Internet is now dead.

It probably doesn't need to run any of those hooks. The original 'dhcpcd' instance is the one responsible for managing /etc/resolv.conf, etc. But unsure, so changed the script so only disables two of the hooks:

       ip netns exec ${IFcont}ns dhcpcd -C resolv.conf -C wpa_supplicant -b ${IFcont}

...that now works, can kill a container, and still have Internet.

Easy 0.9.8 has NetworkManager 1.4.4, as this was the version in my fork of OpenEmbedded. That is about 1.5 years ago, though, and NM is a very active project. The latest stable is 1.14.4. So, I got NM 1.14.4 from OpenEmbedded upstream, put it into my 'oe-qky-src' fork:

NM 1.4.4 is configured to use the external 'wpa_supplicant' and 'dhcpcd' daemons. It could also have been configured to use 'dhclient'. However, it can be configured to use its own internal DHCP client.

For 1.14.4, I decided to go for the internal DHCP client. The configure options can be seen here:

Working OK. 'dhcpcd' is still being used for the containers. 

Tags: easy