incus/dhcp: run DHCP client on all container interfaces and aggregate DNS from all leases #2401
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
71464a4 to
9cdacd8
Compare
…om all leases
* Rationale
Many real-world containers attach to multiple networks (e.g., management + data).
Hardcoding eth0 leaves other links unconfigured and DNS incomplete when different
uplinks provide additional resolvers/search domains.
* Problem
The DHCP helper in main_forknet.go was hardcoded to only operate on eth0.
Containers with multiple network interfaces left additional interfaces unconfigured.
resolv.conf was generated from a single lease, effectively "last-writer-wins".
* Key changes
1. Enumerate container interfaces:
- Iterate all non-loopback interfaces and bring each up before starting DHCP.
2. Start DHCP per interface:
- For each interface, spawn both DHCPv4 and DHCPv6 clients (dhcpRunV4 and dhcpRunV6)
in separate goroutines.
- Continue configuring other interfaces even if bringing one up fails.
- Wait for all spawned DHCP goroutines to report.
3. Track leases per interface:
- Replace single-lease fields with per-interface maps on cmdForknet:
dhcpv4Leases map[string]*nclient4.Lease and dhcpv6Leases map[string]*dhcpv6.Message
- Update dhcpRunV4/dhcpRunV6 to store leases keyed by interface name.
4. Aggregate DNS across all leases:
- Rewrite dhcpApplyDNS to merge nameservers and search domains from all active
DHCPv4 and DHCPv6 leases.
- Deduplicate nameservers and search entries; prefer "search" line when available,
otherwise write a single "domain".
5. Concurrency and safety:
- Keep applyDNSMu to protect access to the lease maps and resolv.conf updates.
- Logging includes the interface name for clearer diagnostics.
* Behavioral notes
- Single-interface containers keep working as before (now via enumeration).
- Multi-interface containers will attempt to acquire addresses and routes on all
non-loopback interfaces.
- resolv.conf now contains the union of nameservers and search domains coming from all
received leases.
- Default route behavior remains per-interface; no explicit route metrics are
introduced here.
Signed-off-by: Andrey Mozharovsky <andrii.mozharovskyi@virtuozzo.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Rationale
Many real-world containers attach to multiple networks (e.g., management + data).
Hardcoding eth0 leaves other links unconfigured and DNS incomplete when different
uplinks provide additional resolvers/search domains.
Problem
The DHCP helper in main_forknet.go was hardcoded to only operate on eth0.
Containers with multiple network interfaces left additional interfaces unconfigured.
resolv.conf was generated from a single lease, effectively "last-writer-wins".
Key changes
Enumerate container interfaces:
- Iterate all non-loopback interfaces and bring each up before starting DHCP.
Start DHCP per interface:
- For each interface, spawn both DHCPv4 and DHCPv6 clients (dhcpRunV4 and dhcpRunV6)
in separate goroutines.
- Continue configuring other interfaces even if bringing one up fails.
- Wait for all spawned DHCP goroutines to report.
Track leases per interface:
- Replace single-lease fields with per-interface maps on cmdForknet:
dhcpv4Leases map[string]*nclient4.Lease and dhcpv6Leases map[string]*dhcpv6.Message
- Update dhcpRunV4/dhcpRunV6 to store leases keyed by interface name.
Aggregate DNS across all leases:
- Rewrite dhcpApplyDNS to merge nameservers and search domains from all active
DHCPv4 and DHCPv6 leases.
- Deduplicate nameservers and search entries; prefer "search" line when available,
otherwise write a single "domain".
Concurrency and safety:
- Keep applyDNSMu to protect access to the lease maps and resolv.conf updates.
- Logging includes the interface name for clearer diagnostics.
Behavioral notes
Single-interface containers keep working as before (now via enumeration).
Multi-interface containers will attempt to acquire addresses and routes on all
non-loopback interfaces.
resolv.conf now contains the union of nameservers and search domains coming from all
received leases.
Default route behavior remains per-interface; no explicit route metrics are
introduced here.