diff --git a/changelog/bugfixes/2026-01-28-proxmoxve.md b/changelog/bugfixes/2026-01-28-proxmoxve.md new file mode 100644 index 00000000000..87445da0f20 --- /dev/null +++ b/changelog/bugfixes/2026-01-28-proxmoxve.md @@ -0,0 +1 @@ +- Fixed static network configuration from cloud-init on ProxmoxVE ([flatcar/scripts#3677](https://github.com/flatcar/scripts/pull/3677)) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/coreos-base/afterburn/0001-proxmoxve-explicit-static-IP-configuration.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/coreos-base/afterburn/0001-proxmoxve-explicit-static-IP-configuration.patch new file mode 100644 index 00000000000..d79d15375b9 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/coreos-base/afterburn/0001-proxmoxve-explicit-static-IP-configuration.patch @@ -0,0 +1,55 @@ +From ed2e4f4d301df757bbfda3cb61de753d45384740 Mon Sep 17 00:00:00 2001 +From: Mathieu Tortuyaux +Date: Fri, 26 Jun 2026 12:11:42 +0200 +Subject: [PATCH] proxmoxve: explicit static IP configuration + +This costs nothing to append - dracut explodes this 'ip=' into variables[^1], +and downstream libraries might default to 'dhcp' if the 'autoconf' +variable is empty. + +[^1]: https://github.com/dracutdevs/dracut/blob/5d2bda46f4e75e85445ee4d3bd3f68bf966287b9/modules.d/40network/net-lib.sh#L541 + +Signed-off-by: Mathieu Tortuyaux +--- + src/providers/proxmoxve/cloudconfig.rs | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/providers/proxmoxve/cloudconfig.rs b/src/providers/proxmoxve/cloudconfig.rs +index 69d806f..2b7ca1f 100644 +--- a/src/providers/proxmoxve/cloudconfig.rs ++++ b/src/providers/proxmoxve/cloudconfig.rs +@@ -199,13 +199,13 @@ impl MetadataProvider for ProxmoxVECloudConfig { + .find(|r| r.destination.is_ipv4() && r.destination.prefix() == 0) + { + kargs.push(format!( +- "ip={}::{}:{}", ++ "ip={}::{}:{}:::off", + network.ip(), + gateway.gateway, + network.mask() + )); + } else { +- kargs.push(format!("ip={}:::{}", network.ip(), network.mask())); ++ kargs.push(format!("ip={}:::{}:::off", network.ip(), network.mask())); + } + } + IpNetwork::V6(network) => { +@@ -215,13 +215,13 @@ impl MetadataProvider for ProxmoxVECloudConfig { + .find(|r| r.destination.is_ipv6() && r.destination.prefix() == 0) + { + kargs.push(format!( +- "ip={}::{}:{}", ++ "ip={}::{}:{}:::off", + network.ip(), + gateway.gateway, + network.prefix() + )); + } else { +- kargs.push(format!("ip={}:::{}", network.ip(), network.prefix())); ++ kargs.push(format!("ip={}:::{}:::off", network.ip(), network.prefix())); + } + } + } +-- +2.53.0 + diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-afterburn-sync-network-kars-with-supported-provider.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-afterburn-sync-network-kars-with-supported-provider.patch new file mode 100644 index 00000000000..6c1bb7711b7 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-afterburn-sync-network-kars-with-supported-provider.patch @@ -0,0 +1,32 @@ +From c44cfb1ab432ca26cd6498057f45d9d669418d8f Mon Sep 17 00:00:00 2001 +From: Mathieu Tortuyaux +Date: Wed, 28 Jan 2026 16:13:44 +0100 +Subject: [PATCH] afterburn: sync network kars with supported provider + +There is now a support for ProxmoxVE and Kubevirt: +https://github.com/coreos/afterburn/blob/8f6d5877c96b4d974f18a4782e6e275efdbd94d6/src/initrd/mod.rs#L20-L24 + +Signed-off-by: Mathieu Tortuyaux +--- + dracut/50flatcar-network/afterburn-network-kargs.service | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/dracut/50flatcar-network/afterburn-network-kargs.service b/dracut/50flatcar-network/afterburn-network-kargs.service +index a382e59..f01fd5b 100644 +--- a/dracut/50flatcar-network/afterburn-network-kargs.service ++++ b/dracut/50flatcar-network/afterburn-network-kargs.service +@@ -10,6 +10,11 @@ PartOf=systemd-networkd.service + # For extra safety + ConditionKernelCommandLine=|coreos.oem.id=vmware + ConditionKernelCommandLine=|flatcar.oem.id=vmware ++ConditionKernelCommandLine=|coreos.oem.id=proxmoxve ++ConditionKernelCommandLine=|flatcar.oem.id=proxmoxve ++ConditionKernelCommandLine=|coreos.oem.id=kubevirt ++ConditionKernelCommandLine=|flatcar.oem.id=kubevirt ++ + OnFailure=emergency.target + OnFailureJobMode=replace-irreversibly + +-- +2.53.0 + diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-parse-ip-it-does-not-make-any-sense-to-configure-loo.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-parse-ip-it-does-not-make-any-sense-to-configure-loo.patch new file mode 100644 index 00000000000..d1e58083e3e --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-parse-ip-it-does-not-make-any-sense-to-configure-loo.patch @@ -0,0 +1,25 @@ +From 852d1878f0757840e9ced6a7cdcefe5988345d4f Mon Sep 17 00:00:00 2001 +From: Mathieu Tortuyaux +Date: Tue, 30 Jun 2026 15:25:16 +0200 +Subject: [PATCH] parse-ip: it does not make any sense to configure 'loopback' + +Signed-off-by: Mathieu Tortuyaux +--- + dracut/50flatcar-network/parse-ip-for-networkd.sh | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/dracut/50flatcar-network/parse-ip-for-networkd.sh b/dracut/50flatcar-network/parse-ip-for-networkd.sh +index 4c144e6..4b0e616 100755 +--- a/dracut/50flatcar-network/parse-ip-for-networkd.sh ++++ b/dracut/50flatcar-network/parse-ip-for-networkd.sh +@@ -121,6 +121,7 @@ for p in $(getargs ip=); do + mkdir -p /etc/systemd/network + echo '[Match]' > $_net_file + _dev=${dev:-"*"}; echo "Name=$_dev" >> $_net_file ++ echo "Type=!loopback" >> $_net_file + echo '[Link]' >> $_net_file + [ -n "$macaddr" ] && echo "MACAddress=$macaddr" >> $_net_file + [ -n "$mtu" ] && echo "MTUBytes=$mtu" >> $_net_file +-- +2.53.0 + diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-parse-ip-read-nameserver-from-command-line.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-parse-ip-read-nameserver-from-command-line.patch new file mode 100644 index 00000000000..e10dd293fb4 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/sys-kernel/bootengine/0001-parse-ip-read-nameserver-from-command-line.patch @@ -0,0 +1,39 @@ +From 7a0bf5696d5e701c995690a438af3a9712a15f5e Mon Sep 17 00:00:00 2001 +From: Mathieu Tortuyaux +Date: Fri, 26 Jun 2026 11:32:08 +0200 +Subject: [PATCH] parse-ip: read 'nameserver' from command line + +Afterburn ProxmoxVE provider injects the DNS/nameserver inside the +'nameserver=' command line parameter. + +Let's read it to later inject it to systemd network file. + +Signed-off-by: Mathieu Tortuyaux +--- + dracut/50flatcar-network/parse-ip-for-networkd.sh | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/dracut/50flatcar-network/parse-ip-for-networkd.sh b/dracut/50flatcar-network/parse-ip-for-networkd.sh +index 6bb015e..4c144e6 100755 +--- a/dracut/50flatcar-network/parse-ip-for-networkd.sh ++++ b/dracut/50flatcar-network/parse-ip-for-networkd.sh +@@ -68,6 +68,8 @@ function mask2cidr() { + echo $bits + } + ++nameserver=$(getarg nameserver=) ++ + # Check ip= lines + # XXX Would be nice if we could errorcheck ip addresses here as well + for p in $(getargs ip=); do +@@ -128,6 +130,7 @@ for p in $(getargs ip=); do + [ -n "$gw" ] && echo "Gateway=$gw" >> $_net_file + [ -n "$dns1" ] && echo "DNS=$dns1" >> $_net_file + [ -n "$dns2" ] && echo "DNS=$dns2" >> $_net_file ++ [ -n "$nameserver" ] && echo "DNS=$nameserver" >> $_net_file + echo '[Address]' >> $_net_file + [ -n "$ip" ] && echo "Address=$ip/${cidr:-24}" >> $_net_file + [ -n "$srv" ] && echo "Peer=$srv" >> $_net_file +-- +2.53.0 + diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r47.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r48.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r47.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r48.ebuild