NetworkManager接管vxlan网卡等导致容器网络不通

表格
复制
检查方式    结果含义
nmcli device status 中 vxlan 接口为 unmanaged    未接管
nmcli connection show 中有 vxlan 配置    已接管
ip link 能看到接口但 nmcli 看不到    手动创建，未接管

 

 

// 确认有类似配置文件，文件名不一定是net_calico.conf
// 类似网卡，避免被NetworkManager接管
## /etc/NetworkManager/conf.d/net_calico.conf

[keyfile]
unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:vxlan-v6.calico;interface-name:docker0;interface-name:cni0;interface-name:kube-ipvs0

 

systemctl stop NetworkManager
systemctl restart NetworkManager

 

// 验证，删除虚拟网卡，会自动重建(或者本身就被托管了，导致看不到到虚拟网卡)
[root@kcs-defew-s-c7d52 ~]# ip link |grep vxlan
29: vxlan-v6.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
30: vxlan.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000

// 删除某一个虚拟网卡
[root@kcs-defew-s-c7d52 ~]# ip link del vxlan.calico

[root@kcs-defew-s-c7d52 ~]# ip link |grep vxlan
29: vxlan-v6.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000

// 等一会，发现会自动重建
[root@kcs-defew-s-c7d52 ~]# ip link |grep vxlan
29: vxlan-v6.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
31: vxlan.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
[root@kcs-defew-s-c7d52 ~]#