0

I am trying to set the name of the interface inside the a container via netlink. IE: eth0 I want set to mang0.

Inside the container the root user gets permissions errors when they try to change the interface's properties:

root@d1df4b33fffc:/tmp/contbuild# ip link set eth0 down
RTNETLINK answers: Operation not permitted
root@d1df4b33fffc:/tmp/contbuild# ip link set eth0 name man0
RTNETLINK answers: Operation not permitted
root@d1df4b33fffc:/tmp/contbuild# ip link set eth0 alias man0
RTNETLINK answers: Operation not permitted

Outside the container, I see the set interface name command send in the kernel messages:

[ +11.115152] docker0: port 1(veth3a3f2f4) entered blocking state
[  +0.000007] docker0: port 1(veth3a3f2f4) entered disabled state
[  +0.000171] device veth3a3f2f4 entered promiscuous mode
[  +0.009358] IPv6: ADDRCONF(NETDEV_UP): veth3a3f2f4: link is not ready
[  +0.386448] eth0: renamed from vetheac9d07
[  +0.000259] IPv6: ADDRCONF(NETDEV_CHANGE): veth3a3f2f4: link becomes ready
[  +0.000031] docker0: port 1(veth3a3f2f4) entered blocking state
[  +0.000002] docker0: port 1(veth3a3f2f4) entered forwarding state

I also see the corresponding veth pair on the host veth3a3f2f4@if662, but I cannot see the container's veth in any other netns (ip netns show is blank).

So I would like tp know:

  • how is docker setting the name to eth0 and is there a way to easily change it
  • why can I not see the netns for the container and/or the container's interface from the host?
Liam Kelly
  • 3,524
  • 1
  • 17
  • 41

1 Answers1

0

I found a work around by running the container with --cap-add=NET_ADMIN and doing the following internally

ip link set dev eth0 down
ip link set dev eth0 name eth1
ip link set dev eth0 up
Liam Kelly
  • 3,524
  • 1
  • 17
  • 41