"nixos-rebuild switch" kills container networking 2 #26342
Description
Issue description
When upgrading from 69d9061908 to 05126bc8503 (release-17.03), network-setup.service was stopped and then started. Because br0-netdev.service has PartOf=network-setup.service it was stopped too, despite configured X-ReloadIfChanged=true. This effectively broke internet access in container, just as described in #21745
Looks like #22850 wasn't designed to handle such cases. In other words, it didn't fix the #21745 at all!
pinging @volth @kampfschlaefer @fpletz who were involved previously.
Steps to reproduce
Here is an adapted test that shows what did I expect:
with import <nixpkgs/nixos/lib/testing.nix> { system = builtins.currentSystem; };
makeTest {
nodes = {
client = { lib, pkgs, ... }: {
networking.firewall.enable = false;
networking.bridges.br0.interfaces = [ "eth1" ];
networking.interfaces = {
eth1.ip4 = lib.mkOverride 0 [ ];
br0.ip4 = [{ address = "192.168.1.1"; prefixLength = 24; }];
};
containers.webserver = {
autoStart = true;
privateNetwork = true;
hostBridge = "br0";
localAddress = "192.168.1.222/24";
config = {
networking.firewall.allowPing = true;
};
};
};
};
testScript = ''
startAll;
$client->waitForUnit("default.target");
$client->succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.1 >&2");
$client->succeed("systemctl restart network-setup >&2");
$client->sleep(3);
$client->succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.1 >&2");
'';
}
Technical details
- System: nixos 17.03,
69d9061908and05126bc8503