libvirt users - Apr 2019 - Re: Network hooks for ethernet interfaces

On Tue, Apr 9, 2019 at 5:10 PM Michal Privoznik <mprivozn@redhat.com>
wrote:
>
> On 4/9/19 4:38 PM, Ruben Kerkhof wrote:
> > Hi all,
> >
> > I have a hook script, /etc/libvirt/hooks/network, that doesn't
seem to
> > be called when I attach an interface with type 'ethernet' with
this
> > xml snippet:
> >
> > <interface type='ethernet'>
> >      <model type="virtio"/>
> >      <source>
> >          <ip address="10.100.0.1" prefix="24"
peer="10.100.0.10"/>
> >      </source>
> > </interface>
> >
> > https://www.libvirt.org/hooks.html#intro says
> > "A network is started or stopped or an interface is
plugged/unplugged
> > to/from the network (since 1.2.2)".
> >
> > While I don't have a network defined in xml, I'd expect this
to work
> > just as well for 'ethernet' type interfaces. Am I wrong?
>
>
> Hotplugging an 'ethernet' type of interface doesn't really
relate to any
> libvirt network. Hence libvirt doesn't call 'network' hook
script. If
> you'd continue reading you'll see what is the 'network'
hook fed with
> (on stdin): info on domain in question AND network where the event
> ocurred. But there is no network, is it?
No not in the libvirt sense there isn't, you're
right.
>
> But maybe you can work around this by waiting for
> DEVICE_ADDED/DEVICE_REMOVED events? What is it that you're trying to
solve?
I'd like to enable proxy_arp on the interface among other things.
I can easily do this from the same script that adds the interface
though, so I have a workaround, but a hook that triggers on all
interface events felt cleaner.
>
> Michal
Kind regards,

Ruben

On 4/9/19 11:35 AM, Ruben Kerkhof wrote:
> On Tue, Apr 9, 2019 at 5:10 PM Michal Privoznik <mprivozn@redhat.com>
wrote:
>>
>> On 4/9/19 4:38 PM, Ruben Kerkhof wrote:
>>> Hi all,
>>>
>>> I have a hook script, /etc/libvirt/hooks/network, that doesn't
seem to
>>> be called when I attach an interface with type 'ethernet'
with this
>>> xml snippet:
>>>
>>> <interface type='ethernet'>
>>>       <model type="virtio"/>
>>>       <source>
>>>           <ip address="10.100.0.1"
prefix="24" peer="10.100.0.10"/>
>>>       </source>
>>> </interface>
>>>
>>> https://www.libvirt.org/hooks.html#intro says
>>> "A network is started or stopped or an interface is
plugged/unplugged
>>> to/from the network (since 1.2.2)".
>>>
>>> While I don't have a network defined in xml, I'd expect
this to work
>>> just as well for 'ethernet' type interfaces. Am I wrong?
>>
>>
>> Hotplugging an 'ethernet' type of interface doesn't really
relate to any
>> libvirt network. Hence libvirt doesn't call 'network' hook
script. If
>> you'd continue reading you'll see what is the 'network'
hook fed with
>> (on stdin): info on domain in question AND network where the event
>> ocurred. But there is no network, is it?
> 
> No not in the libvirt sense there isn't, you're right.
>>
>> But maybe you can work around this by waiting for
>> DEVICE_ADDED/DEVICE_REMOVED events? What is it that you're trying
to solve?
> 
> I'd like to enable proxy_arp on the interface among other things.
> I can easily do this from the same script that adds the interface
> though, so I have a workaround, but a hook that triggers on all
> interface events felt cleaner.
Also keep in mind that the hook scripts aren't an officially supported 
part of the API, and are thus liable to change without warning. As an 
example, danpb has proposed changing the network hook:

  https://www.redhat.com/archives/libvir-list/2019-March/msg01280.html

Once this goes in, any network hook script that uses the plugged and 
unplugged hooks will no longer work; you would instead need to use the 
port-created and port-deleted hooks.

On Wed, Apr 10, 2019 at 1:44 PM Laine Stump <laine@redhat.com>
wrote:
>
> On 4/9/19 11:35 AM, Ruben Kerkhof wrote:
> > On Tue, Apr 9, 2019 at 5:10 PM Michal Privoznik
<mprivozn@redhat.com> wrote:
> >>
> >> On 4/9/19 4:38 PM, Ruben Kerkhof wrote:
> >>> Hi all,
> >>>
> >>> I have a hook script, /etc/libvirt/hooks/network, that
doesn't seem to
> >>> be called when I attach an interface with type
'ethernet' with this
> >>> xml snippet:
> >>>
> >>> <interface type='ethernet'>
> >>>       <model type="virtio"/>
> >>>       <source>
> >>>           <ip address="10.100.0.1"
prefix="24" peer="10.100.0.10"/>
> >>>       </source>
> >>> </interface>
> >>>
> >>> https://www.libvirt.org/hooks.html#intro says
> >>> "A network is started or stopped or an interface is
plugged/unplugged
> >>> to/from the network (since 1.2.2)".
> >>>
> >>> While I don't have a network defined in xml, I'd
expect this to work
> >>> just as well for 'ethernet' type interfaces. Am I
wrong?
> >>
> >>
> >> Hotplugging an 'ethernet' type of interface doesn't
really relate to any
> >> libvirt network. Hence libvirt doesn't call 'network'
hook script. If
> >> you'd continue reading you'll see what is the
'network' hook fed with
> >> (on stdin): info on domain in question AND network where the event
> >> ocurred. But there is no network, is it?
> >
> > No not in the libvirt sense there isn't, you're right.
> >>
> >> But maybe you can work around this by waiting for
> >> DEVICE_ADDED/DEVICE_REMOVED events? What is it that you're
trying to solve?
> >
> > I'd like to enable proxy_arp on the interface among other things.
> > I can easily do this from the same script that adds the interface
> > though, so I have a workaround, but a hook that triggers on all
> > interface events felt cleaner.
>
> Also keep in mind that the hook scripts aren't an officially supported
> part of the API, and are thus liable to change without warning. As an
> example, danpb has proposed changing the network hook:
>
>   https://www.redhat.com/archives/libvir-list/2019-March/msg01280.html
>
> Once this goes in, any network hook script that uses the plugged and
> unplugged hooks will no longer work; you would instead need to use the
> port-created and port-deleted hooks.
That's good to know, thank you Laine.

In that case perhaps adding this functionality to libvirt itself would
make more sense?

Some background, I'm implementing
https://vincent.bernat.ch/en/blog/2018-l3-routing-hypervisor, so
announcing /32 host routes to our vms with BGP.
Our existing vms use /24 network addressing, and to keep that working,
I need to set proxy_arp on the interface.

Kind regards,

Ruben