On 3/17/21 1:51 PM, brent s. wrote:
On 3/17/21 13:19, Alex Crawford wrote:
I'm trying to take advantage of libvirt's support for passing through
options to dnsmasq
<https://libvirt.org/formatnetwork.html#elementsNamespaces>, but I'm
having trouble getting it to take effect. I have a network already
created and I'm trying to use net-update to add the options, but it's
not clear to me what section I should specify. By the way, is there a
good way to list the available sections? I've been resorting to reading
the code
<https://gitlab.com/libvirt/libvirt/-/blob/18d0f2f9569edf3c26d912a7d8974a54bb32eee9/include/libvirt/libvirt-network.h#L158-175>.
Working in a different direction, I tried using net-edit to make the
changes but they seem to have been silently discarded:
$ virsh -c qemu:///system net-edit crawford-libvirt-67v2h
Network crawford-libvirt-67v2h XML configuration edited.
$ virsh -c qemu:///system net-dumpxml crawford-libvirt-67v2h | grep
--count <my changes>
0
Can anyone tell me what I'm doing wrong or how this feature was intended
to be used? Thank you.
https://wiki.libvirt.org/page/Networking#Applying_modifications_to_the_network
-Alex
The last time I tried using net-update, if I recall it didn't support
full editing.
That is correct, and it is by design. When I added the virNetworkUpdate
API I started with exactly that idea, but during discussions we decided
against allowing such freeform changing of anything and everything in
the network's config (I don't remember the arguments in either direction
now, but I definitely remember the discussion happening :-))
I had to net-edit the network in question and restart it
(to do exactly what you're trying to do, I should note!). I don't think
net-update lets you edit the root element's namespace (which is what you
need to do for e.g. <dnsmasq:options> to not be eaten).
<dnsmasq:options> is in some ways even beyond just "editing the root
element's namespace" - it is adding opaque stuff into the dnsmasq
commandline that will have effects that can't be comprehended by
libvirt's network driver - it could do something that completely
counteracts what libvirt has purposefully added.
But I digress. You are correct that <dnsmasq:options> can't be changed
with virsh net-update.
The good news, though, is that you can safely net-destroy and then
net-start the network, and get full connectivity of all your guests
(whose tap devices have just been disconnected from the network's bridge
by the restart) back by just restarting libvirtd.service (at least if
you have a libvirt that is newer than a couple years old). This means
that, aside from the short disruption in connectivity during the time
between "virsh net-destroy $net" and "systemctl restart
libvirtd.service", the effect will be the same as if you had been able
to do the modification with virsh net-update.
For reference, the modified root element looks like this:
<network xmlns:dnsmasq="http://libvirt.org/schemas/network/dnsmasq/1.0">
<!-- Normal network definition here... -->
<dnsmasq:options>
<dnsmasq:option value="log-dhcp"/>
</dnsmasq:options>
</network>