Hi everyone,
another surprise occurred after upgrading 13.0R to 13.1-RELEASE. The linux VM stopped starting that is using 3 tap devices to talk to the host. My best guess is that access to tap interfaces changed but didn't yet find a way to give permission to the jail.
Jail used to start with:
tried to add allow.raw_sockets as well allow.socket_af as it appears to be socket protocol related, but didn't allow bhyve to work with it.
sysctl that previously worked:
and devfs.rules for bhyve;:
Wondering, if anyone in the field also runs bhyve inside jails using tap and got success in 13.1-RELEASE to start them (again). Any hints appreciated.
another surprise occurred after upgrading 13.0R to 13.1-RELEASE. The linux VM stopped starting that is using 3 tap devices to talk to the host. My best guess is that access to tap interfaces changed but didn't yet find a way to give permission to the jail.
Jail used to start with:
Code:
grub-bhyve -m device.map -r host -d /vmm/lnx1v -c /dev/nmdm3A -M 6GB lnx1v-jail
bhyve -c 2 -A -H -P -m 6GB -s 0,hostbridge -s 1,lpc -s 2,virtio-blk,/dev/md42 -s 6,virtio-blk,/dev/zvol/tank/vm/lnxdisk0 -s 3,virtio-net,tap0 -s 4,virtio-net,tap1 -s 5,virtio-net,tap2 -lcom1,/dev/nmdm3A lnx1v-jail
Could open socket
device emulation initialization error: Protocol not supported
Code:
jail.conf snipped:
bee {
devfs_ruleset = 27;
allow.vmm;
allow.raw_sockets;
persist;
allow.socket_af;
host.hostname = "bee";
path = /tank/bee;
}
tried to add allow.raw_sockets as well allow.socket_af as it appears to be socket protocol related, but didn't allow bhyve to work with it.
sysctl that previously worked:
Code:
net.link.tap.up_on_open=1
net.link.tap.user_open=1
and devfs.rules for bhyve;:
Code:
[devfs_rules_bhyve_jail=27]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path vmm unhide
add path vmm/* unhide
add path vmm.io unhide
add path vmm.io/* unhide
add path tap* unhide
add path zvol unhide
add path zvol/tank unhide
add path zvol/tank/vm unhide
add path zvol/tank/vm/* unhide
add path nmdm* unhide
add path 'md*' unhide
add path 'md*' mode 0777
#add path mem unhide
#add path kmem unhide
#add path pci unhide
#add path io unhide
Wondering, if anyone in the field also runs bhyve inside jails using tap and got success in 13.1-RELEASE to start them (again). Any hints appreciated.