netavark: ipv6 network setup on a system with ipv6 disabled should return useful error message

Error in creating container


➜  ~ cat /etc/redhat-release
Fedora release 36 (Thirty Six)
➜  ~ uname -r
5.18.17-200.fc36.x86_64
➜  ~ uname -a
Linux localhost.localdomain 5.18.17-200.fc36.x86_64 containers/podman#1 SMP PREEMPT_DYNAMIC Thu Aug 11 14:36:06 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux


➜  ~ podman network ls
NETWORK ID    NAME        DRIVER
88c9b7b61afd  kind        bridge
2f259bab93aa  podman      bridge
➜  ~ podman inspect kind
[
     {
          "name": "kind",
          "id": "88c9b7b61afd09229a54869e7f3603416f588848f71343ee2706ca1dc21c1d49",
          "driver": "bridge",
          "network_interface": "podman1",
          "created": "2022-08-21T00:14:12.41086239+08:00",
          "subnets": [
               {
                    "subnet": "fc00:f853:ccd:e793::/64",
                    "gateway": "fc00:f853:ccd:e793::1"
               },
               {
                    "subnet": "10.89.0.0/24",
                    "gateway": "10.89.0.1"
               }
          ],
          "ipv6_enabled": true,
          "internal": false,
          "dns_enabled": true,
          "ipam_options": {
               "driver": "host-local"
          }
     }
]
➜  ~ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:5d:03:5e:28 brd ff:ff:ff:ff:ff:ff
    inet 172.28.28.121/20 brd 172.28.31.255 scope global dynamic noprefixroute eth0
       valid_lft 85030sec preferred_lft 85030sec
5: podman1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 62:a5:c2:5f:89:9b brd ff:ff:ff:ff:ff:ff

➜  KIND_EXPERIMENTAL_PROVIDER=podman sudo kind create cluster --config ./config.yml
enabling experimental podman provider
Creating cluster "kind" ...
 ✓ Ensuring node image (localhost/kindest/node:22.10.20220801.1.24.3) 🖼
 ✗ Preparing nodes 📦 📦
ERROR: failed to create cluster: command "podman run --name kind-control-plane --hostname kind-control-plane --label io.x-k8s.kind.role=control-plane --privileged --tmpfs /tmp --tmpfs /run --volume 29eb75650a9b89f0032582a1d5930ac072f5dc8c4bd692a8a87255ebb184196b:/var:suid,exec,dev --volume /lib/modules:/lib/modules:ro -e KIND_EXPERIMENTAL_CONTAINERD_SNAPSHOTTER --detach --tty --net kind --label io.x-k8s.kind.cluster=kind -e container=podman --volume /dev/mapper:/dev/mapper --publish=127.0.0.1:43279:6443/tcp -e KUBECONFIG=/etc/kubernetes/admin.conf localhost/kindest/node:22.10.20220801.1.24.3" failed with error: exit status 126
Command Output: Error: netavark: failed to configure bridge and veth interface: failed while configuring network interface: failed to set ip address to podman1: Permission denied (os error 13)

About this issue

Original URL
State: closed
Created 2 years ago
Comments: 23 (6 by maintainers)

Commits related to this issue

netlink: return better error if ipv6 is disabled Right now getting a Permission denied error is not very helpful for users if adding an ipv6 addr fails because they have ipv6 disabled in the kernel. ... — committed to Luap99/netavark by Luap99 2 years ago

Most upvoted comments

I don’t think that fedora disables ipv6 by default. I use it on multiple fedora systems without issues and never tweaked anything to make it work.

Regardless, I agree that we should return a better error message to make clear what failed. I move the issue to netavark.

Luap99 on Oct 10, 2022