There is a technology called LXC (Linux Containers). It provides an application-level virtualization environment on Linux, but recently I encountered a problem that I could not get an IPv4 address on that machine. In this article, we will introduce the causes and countermeasures. Note) LXC and LXD are confused in the article.
TL; DR
On the virtual machine
Run systemctl edit systemd-networkd.service to get the editor you started
[Service]
BindReadOnlyPaths=/sys
Enter and save.
Then run systemctl restart systemd-networkd.service to restart the service.
It is known that this problem mainly occurs in an environment that meets the following conditions.
--Systemd-networkd is used for the DHCP client --systemd version is 244.1 or higher
Currently, this environment is only met by leading distributions such as ArchLinux and Fedora, but since it is not a distribution-dependent issue, the number of systems affected by the issue is likely to grow in the future.
LXC knows the cause of the problem and is currently working on it. https://discuss.linuxcontainers.org/t/no-ipv4-on-arch-linux-containers/6395/23 According to this regression, this is due to a bug fix in systemd-224.1, which is due to the / sys directory not being read-only inside the container.
Write permission to / sys is required inside the container for various reasons such as udev and network operations, but systemd seems to have rejected LXC's fix proposal for this problem.
Therefore, it is possible to deal with it, but it seems that minor modifications on the LXC side will not be enough, and it will be an escalation to the kernel level.
It will be fixed eventually, but this issue needs to be addressed tentatively until a new patched kernel is available.
The following are proposed as temporary measures that can be taken by the user.
--Read-only mount / sys in container --Override the systemd-networkd unit file and mount / sys read-only (first method)
Currently, LXC is considering distributing the distribution image with the systemd-networkd override file.
As mentioned above, it is urgent, but I hope it will be helpful.