Podman container is not getting an IP from macvlan DHCP; what is wrong with my configuration?


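I'm not sure what I'm doing wrong. I know my DHCP server is running and working properly; I am assigning IPs to other non-macvlan network devices... basically everything connected to my wifi AP.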

What is wrong with my configuration?

/etc/cni/net.d/podman_network.conflist

{
   "cniVersion": "0.4.0",
   "name": "podman_network",
   "plugins": [
      {
         "type": "macvlan",
         "master": "enp2s0",
         "ipam": {
            "type": "dhcp"
         }
      }
   ]
}

/etc/init.d/isc-dhcp-server

# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
# DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf

# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
DHCPDv4_PID=/var/run/dhcpd.pid
# DHCPDv6_PID=/var/run/dhcpd6.pid

# Additional options to start dhcpd with.
#   Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
#OPTIONS=""

# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
#   Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACESv4="enp2s0"
INTERFACESv6=""

status cni-dhcp.service

● cni-dhcp.service - CNI DHCP service
     Loaded: loaded (/lib/systemd/system/cni-dhcp.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-05-16 18:48:23 HST; 1min 37s ago
TriggeredBy: ● cni-dhcp.socket
       Docs: https://github.com/containernetworking/plugins/tree/master/plugins/ipam/dhcp
   Main PID: 4401 (dhcp)
      Tasks: 7 (limit: 4596)
     Memory: 12.7M
        CPU: 26ms
     CGroup: /system.slice/cni-dhcp.service
             └─4401 /usr/lib/cni/dhcp daemon

May 16 18:49:00 router dhcp[4401]: 2023/05/16 18:49:00 f6f86d37ce80cedb7e80186f71d3015355e3c4442c1ffa695dcf9f8c4a983eda/podman_network/eth0: acquiring lease
May 16 18:49:00 router dhcp[4401]: 2023/05/16 18:49:00 Link "eth0" down. Attempting to set up
May 16 18:49:00 router dhcp[4401]: 2023/05/16 18:49:00 network is down
May 16 18:49:00 router dhcp[4401]: 2023/05/16 18:49:00 retrying in 4.881018 seconds
May 16 18:49:10 router dhcp[4401]: 2023/05/16 18:49:10 no DHCP packet received within 5s
May 16 18:49:10 router dhcp[4401]: 2023/05/16 18:49:10 retrying in 8.329120 seconds
May 16 18:49:24 router dhcp[4401]: 2023/05/16 18:49:24 no DHCP packet received within 5s
May 16 18:49:24 router dhcp[4401]: 2023/05/16 18:49:24 retrying in 15.875428 seconds
May 16 18:49:45 router dhcp[4401]: 2023/05/16 18:49:45 no DHCP packet received within 5s
May 16 18:49:45 router dhcp[4401]: 2023/05/16 18:49:45 retrying in 31.849275 seconds

isc-dhcp-server.service

● isc-dhcp-server.service - LSB: DHCP server
     Loaded: loaded (/etc/init.d/isc-dhcp-server; generated)
     Active: active (running) since Tue 2023-05-16 18:48:13 HST; 1min 29s ago
       Docs: man:systemd-sysv-generator(8)
    Process: 4020 ExecStart=/etc/init.d/isc-dhcp-server start (code=exited, status=0/SUCCESS)
      Tasks: 4 (limit: 4596)
     Memory: 7.0M
        CPU: 81ms
     CGroup: /system.slice/isc-dhcp-server.service
             └─4032 /usr/sbin/dhcpd -4 -q -cf /etc/dhcp/dhcpd.conf enp2s0

May 16 18:48:11 router dhcpd[4032]: Wrote 5 leases to leases file.
May 16 18:48:11 router dhcpd[4032]: Server starting service.
May 16 18:48:13 router isc-dhcp-server[4020]: Starting ISC DHCPv4 server: dhcpd.
May 16 18:48:13 router systemd[1]: Started LSB: DHCP server.
May 16 18:49:05 router dhcpd[4032]: DHCPDISCOVER from e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:06 router dhcpd[4032]: DHCPOFFER on 10.0.2.205 to e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:18 router dhcpd[4032]: DHCPDISCOVER from e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:18 router dhcpd[4032]: DHCPOFFER on 10.0.2.205 to e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:39 router dhcpd[4032]: DHCPDISCOVER from e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:39 router dhcpd[4032]: DHCPOFFER on 10.0.2.205 to e6:25:c8:c1:67:70 via enp2s0

pod

root@router# podman run -d \
--name pihole \
--cap-add=NET_ADMIN \
--net=podman_network \
-v "/etc/podman/pihole:/etc/pihole" \
-v "/etc/podman/dnsmasq.d:/etc/dnsmasq.d" \
--restart=unless-stopped \
--hostname pihole \
--security-opt label=disable \
-e TZ="US/Hawaii" \
-u root \
docker.io/pihole/pihole
ERRO[0146] Error adding network: error calling DHCP.Allocate: no more tries 
ERRO[0146] Error while adding pod to CNI network "podman_network": error calling DHCP.Allocate: no more tries 
Error: error configuring network namespace for container f6f86d37ce80cedb7e80186f71d3015355e3c4442c1ffa695dcf9f8c4a983eda: error calling DHCP.Allocate: no more tries

ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:e0:97:1c:ba:0b brd ff:ff:ff:ff:ff:ff
    inet 66.91.170.171/22 brd 255.255.255.255 scope global dynamic enp1s0
       valid_lft 76220sec preferred_lft 76220sec
    inet6 fe80::2e0:97ff:fe1c:ba0b/64 scope link 
       valid_lft forever preferred_lft forever
3: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:e0:97:1c:ba:0c brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/8 brd 10.255.255.255 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet6 fe80::2e0:97ff:fe1c:ba0c/64 scope link 
       valid_lft forever preferred_lft forever

ip route

default via 66.91.168.1 dev enp1s0 
10.0.0.0/8 dev enp2s0 proto kernel scope link src 10.0.0.1 
66.91.168.0/22 dev enp1s0 proto kernel scope link src 66.91.170.171 

dhcpd.conf

default-lease-time 100;
max-lease-time 300;

ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

subnet 10.0.0.0 netmask 255.0.0.0 {
  option routers 10.0.0.1;
  
  # Unknown clients get this pool.
  pool {
    max-lease-time 300;
    range 10.0.2.200 10.0.2.253;
    allow unknown-clients;
  }

  # Known clients get this pool.
  pool {
    max-lease-time 28800;
    range 10.0.2.5 10.0.2.199;
    deny unknown-clients;
  }
}

host wap-wan {
   hardware ethernet 00:5F:67:EB:B7:C9;
   fixed-address 10.0.0.5;
}

Answer 1

From the cni-dhcp.service logs, you can see that it is using NIC eth0 rather than enp2s0.

Try running /usr/libexec/cni/dhcp daemon -broadcast=true as described at https://www.cni.dev/plugins/current/ipam/dhcp/
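
As an added example (not part of the original question or answer): the dhcpd log in the question shows DHCPDISCOVER and DHCPOFFER repeating for the container's MAC with no DHCPREQUEST or DHCPACK, which matches the client side reporting "no DHCP packet received within 5s". The Python below flags such stalled handshakes in an ISC dhcpd log; the function names and the second client's four log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# First six lines are the dhcpd entries from the question; the last four
# (MAC 02:00:00:00:00:01) are constructed to show a handshake that completes.
SAMPLE_LOG = """\
May 16 18:49:05 router dhcpd[4032]: DHCPDISCOVER from e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:06 router dhcpd[4032]: DHCPOFFER on 10.0.2.205 to e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:18 router dhcpd[4032]: DHCPDISCOVER from e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:18 router dhcpd[4032]: DHCPOFFER on 10.0.2.205 to e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:39 router dhcpd[4032]: DHCPDISCOVER from e6:25:c8:c1:67:70 via enp2s0
May 16 18:49:39 router dhcpd[4032]: DHCPOFFER on 10.0.2.205 to e6:25:c8:c1:67:70 via enp2s0
May 16 18:50:01 router dhcpd[4032]: DHCPDISCOVER from 02:00:00:00:00:01 via enp2s0
May 16 18:50:02 router dhcpd[4032]: DHCPOFFER on 10.0.2.206 to 02:00:00:00:00:01 via enp2s0
May 16 18:50:02 router dhcpd[4032]: DHCPREQUEST for 10.0.2.206 (10.0.0.1) from 02:00:00:00:00:01 via enp2s0
May 16 18:50:02 router dhcpd[4032]: DHCPACK on 10.0.2.206 to 02:00:00:00:00:01 via enp2s0
"""

# Message type, then the client MAC that follows "from" or "to".
MSG = re.compile(
    r"dhcpd\[\d+\]: (DHCP[A-Z]+) .*?\b(?:from|to) ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})",
    re.IGNORECASE,
)


def handshake_state(log_text):
    """Count each DHCP message type per client MAC."""
    seen = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = MSG.search(line)
        if m:
            seen[m.group(2).lower()][m.group(1).upper()] += 1
    return seen


def stalled_clients(log_text):
    """Return {mac: offers_sent} for clients that were offered a lease
    but never progressed to DHCPREQUEST/DHCPACK."""
    stalled = {}
    for mac, counts in handshake_state(log_text).items():
        if counts["DHCPOFFER"] and not (counts["DHCPREQUEST"] or counts["DHCPACK"]):
            stalled[mac] = counts["DHCPOFFER"]
    return stalled


if __name__ == "__main__":
    for mac, offers in stalled_clients(SAMPLE_LOG).items():
        print(f"{mac}: {offers} offer(s) sent, none accepted")
```

A client listed here is one whose DISCOVER reaches the server while the OFFER is not reaching (or not being accepted by) the client, so the reply path to the macvlan interface is the place to look.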
