Tuesday, 10 January 2017

Re: netplan and post-up/pre-down scripts

Hello Mike,

Mike Pontillo [2017-01-06 10:12 -0800]:
> Recently, I was working on a project that led me to become frustrated
> with the current state of `systemd` and `ifupdown` (e.g.
> /etc/network/interfaces or /e/n/i) in Xenial. I remembered that
> `netplan`[1] was under development, so I added the PPA for Xenial

Note that netplan is in xenial-updates, so no PPA needed.

> Let me explain my use case: when an interface goes up or down, I want to
> be able to do event-driven things with the network configuration, such as
> add or remove routes, run a DHCP client, etc.

These two and more are already supported by networkd and NM (i.e. both of
netplan's current backends) and also in the netplan YAML itself of course. OOI,
what is your particular use case?

> My first attempt to make this happen was to add `post-up` and `pre-down`
> scripts to do this. However, this had a fatal flaw for my application:
> `ifupdown` doesn't separate the concept of operational status from the
> concept of administrative status. (That is, in `ifupdown`, an interface is
> "up" if the admin says it is up. Link up or link down does not seem to
> matter; it's strictly an /administrative/ status[3].)

The ifup@.service (more or less) deals with hotplugging, so normally as an
admin you would not explicitly "ifup" any interface (unless you mark them as
"manual", but then you are on your own anyway). So I fail to see the problem
here -- for "auto" and "allow-hotplug" interfaces this should just work?

> Looking at the `netplan` spec[4], I don't see a way to achieve that
> functionality

Correct. NetworkManager calls /etc/network/if-up.d/ when an interface is up
(same as ifupdown), but networkd doesn't, and it's not planned upstream to do
that. It could be done by monitoring networkd's D-Bus signals and reacting to
them, but so far there hasn't been a pressing use case for this. Many existing
if-up.d/ scripts are workarounds for software which isn't written with the
idea of network hotplugging in mind (e.g. not using IP_FREEBIND), and many
others aren't necessary or even actively detrimental with NM/networkd as they
are essentially ifupdown implementations of bridges or similar, so they must not
be called with NM/networkd.

> I know that many people are using the script-callout functionality in /e/n/i
> to achieve what they need to achieve

Actually, /etc/network/if-up.d/ has been the much more popular approach AFAIK.

> In an ideal world, I think `netplan` would be able to model my use case
> out-of-the-box.[5] But since we can't expect to model everyone's use case,
> it seems like custom scripting functionality is a hard requirement, though
> perhaps one that could have tricky cross-platform implications.

If you need this, then I suggest using the NM backend, which gives you
/etc/network/if-up.d/. We will never use NM in confined scenarios like the
initramfs, so that should be reasonably safe. OTOH netplan itself (with
networkd) was meant to work in initrd and other early-boot scenarios where
arbitrary script callouts are not supportable.

If you have something particular that needs to be set/done when an interface
goes up, I suggest filing a bug -- maybe that functionality even already exists
in networkd/NM and just needs to be wired up to YAML?

Thanks,

Martin

--
Martin Pitt | http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
