Skip to content

netkit: Don't let systemd change the MAC address#37812

Merged
tklauser merged 2 commits intocilium:mainfrom
jrife:jrife/GH-37265
Mar 4, 2025
Merged

netkit: Don't let systemd change the MAC address#37812
tklauser merged 2 commits intocilium:mainfrom
jrife:jrife/GH-37265

Conversation

@jrife
Copy link
Copy Markdown
Contributor

@jrife jrife commented Feb 23, 2025
edited
Loading

Systemd will change the random MAC addresses generated for a netkit device pair when MACAddressPolicy=persistent, seemingly the default on my system and presumably others. Apply the same workaround used in SetupVethWithNames() where "manually" generate and assign a MAC address for both the primary and peer devices, so that Systemd doesn't do this.

Fixes: #37265

netkit: Fix issue where MAC addresses get changed by systemd in L2 mode causing health checks to fail

@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Feb 23, 2025
@jrife jrife force-pushed the jrife/GH-37265 branch 3 times, most recently from 64d4a12 to 8d7e836 Compare February 23, 2025 01:44
@jrife jrife mentioned this pull request Feb 23, 2025
Merged
@jrife
Copy link
Copy Markdown
Contributor Author

jrife commented Feb 23, 2025

FYI @borkmann

@julianwiedmann julianwiedmann added area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. feature/netkit labels Feb 26, 2025
@borkmann
Copy link
Copy Markdown
Member

borkmann commented Feb 26, 2025

FYI @borkmann

lgtm, thanks!

@jrife jrife force-pushed the jrife/GH-37265 branch 2 times, most recently from 20e533c to 36b4c5c Compare March 4, 2025 00:54
@jrife jrife marked this pull request as ready for review March 4, 2025 00:56
@jrife jrife requested review from a team as code owners March 4, 2025 00:56
@jrife jrife requested review from ldelossa and tklauser March 4, 2025 00:56
jrife added 2 commits March 4, 2025 01:08
@jrife
vendor: Update vishvananda/netlink to pull in L2 fix
aa6c7aa 
Fixes: cilium#37265

Signed-off-by: Jordan Rife <jrife@google.com>
@jrife
netkit: Don't let systemd change the MAC address
26a1375 
Systemd will change the random MAC addresses generated for a netkit
device pair when MACAddressPolicy=persistent, seemingly the default on
my system and presumably others. Apply the same workaround used in
SetupVethWithNames() where we "manually" generate and assign a MAC
address for both the primary and peer devices, so that Systemd doesn't
do this.

Fixes: cilium#37265

Signed-off-by: Jordan Rife <jrife@google.com>
@borkmann borkmann added the release-note/misc This PR makes changes that have no direct user impact. label Mar 4, 2025
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Mar 4, 2025
@borkmann
Copy link
Copy Markdown
Member

borkmann commented Mar 4, 2025

/test

@tklauser tklauser enabled auto-merge March 4, 2025 09:57
@tklauser tklauser added this pull request to the merge queue Mar 4, 2025
Merged via the queue into cilium:main with commit 8ab0cc9 Mar 4, 2025
66 of 67 checks passed
@gcezaralmeida
Copy link
Copy Markdown

gcezaralmeida commented Mar 17, 2025

Hi @jrife, thank you so much for adding this PR. Which version it will be available? I just checked the new release v.1.17.2 and I didn't find this PR on the release notes.

@jrife
Copy link
Copy Markdown
Contributor Author

jrife commented Mar 18, 2025

@gcezaralmeida, this isn't currently marked for backport, but I'll check to see if it can be.

@borkmann borkmann added release-note/bug This PR fixes an issue in a previous release of Cilium. and removed release-note/misc This PR makes changes that have no direct user impact. labels Mar 19, 2025
@pchaigno pchaigno added the needs-backport/1.17 This PR / issue needs backporting to the v1.17 branch label Mar 19, 2025
@viktor-kurchenko viktor-kurchenko mentioned this pull request Mar 26, 2025
Merged
16 tasks
@viktor-kurchenko viktor-kurchenko added backport-pending/1.17 The backport for Cilium 1.17.x for this PR is in progress. and removed needs-backport/1.17 This PR / issue needs backporting to the v1.17 branch labels Mar 26, 2025
@github-actions github-actions bot added backport-done/1.17 The backport for Cilium 1.17.x for this PR is done. and removed backport-pending/1.17 The backport for Cilium 1.17.x for this PR is in progress. labels Mar 28, 2025
@gcezaralmeida
Copy link
Copy Markdown

gcezaralmeida commented Apr 25, 2025

Big shout out to @jrife, thank you so much. I updated to 1.17.3 and it is working fine with Kubevirt.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tklauser tklauser tklauser approved these changes

@borkmann borkmann borkmann approved these changes

@ldelossa ldelossa Awaiting requested review from ldelossa ldelossa is a code owner automatically assigned from cilium/sig-datapath

Assignees

No one assigned

Labels

area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. backport-done/1.17 The backport for Cilium 1.17.x for this PR is done. feature/netkit release-note/bug This PR fixes an issue in a previous release of Cilium.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Kubevirt VMs not running with Cilium netkit enabled

7 participants

@jrife @borkmann @gcezaralmeida @tklauser @pchaigno @julianwiedmann @viktor-kurchenko