Skip to content

[WIP]PVM-681: shorten non-FIPS NIC names on fresh bare-metal installs#623

Open
abhinavnagaraj wants to merge 5 commits into
mainfrom
fix/non-fips-net-interface-naming
Open

[WIP]PVM-681: shorten non-FIPS NIC names on fresh bare-metal installs#623
abhinavnagaraj wants to merge 5 commits into
mainfrom
fix/non-fips-net-interface-naming

Conversation

@abhinavnagaraj

@abhinavnagaraj abhinavnagaraj commented Jun 14, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Summary

Non-FIPS HWE kernels (6.8+) expose phys_port_name, so systemd on Ubuntu 22.04 (249) appends an np* suffix to predictable interface names (e.g. enp153s0f0np0, eno12399np0). That pushes names past Linux’s 15-character limit and breaks VLAN sub-interfaces in Stylus.

This PR adds a late udev rule that strips trailing np[0-9]+ from predictable names. It is install-only: a marker file is written to /oem during fresh ISO/UKI install (cloudconfigs/80_canvos_net_naming.yaml). Legacy nodes without the marker keep their existing long names across day-2 provider upgrades.

Approach

  • overlay/files/usr/lib/canvos/canvos-strip-np-suffix — helper invoked by udev; strips np* only when the install marker is present
  • overlay/files/etc/udev/rules.d/99-canvos-net-naming.rules — runs after 80-net-setup-link
  • cloudconfigs/80_canvos_net_naming.yaml — creates /oem/.canvos-strip-np-enabled and /etc/canvos/strip-np-enabled on fresh install
  • Earthfile — installs the above for all supported non-FIPS OS targets; regenerates initrd after udev rules are in place

FIPS builds are unchanged (FIPS_ENABLED=true gate).

Deployment coverage

Target Fresh install Legacy day-2 provider upgrade
Bare metal (non-FIPS) Short names (enp153s0f0) Long names unchanged — not breaking
Bare metal (FIPS) Unchanged (5.15-fips, no rule) Unchanged
VMware (ens*) No np* suffix — pass-through No change
Agent-mode AWS (ens*) No np* suffix — pass-through Provider rsync only; OS udev stack not replaced on day-2
UKI / MAAS / cloud ISO Marker written on install Legacy behavior same as bare metal

Test plan

  • Build non-FIPS Ubuntu 22 amd64 ISO from this branch
  • Fresh install on Supermicro bare metal: ip link shows names without np* (e.g. enp153s0f0)
  • Verify /oem/.canvos-strip-np-enabled exists after install
  • Create VLAN .100 on a multi-port NIC — combined name ≤ 15 chars
  • Simulate legacy node (no marker): helper returns input unchanged for eno12399np0
  • Day-2 provider upgrade on legacy node: interface names remain *np* after reboot
  • VMware / AWS: ens* names unchanged

@abhinavnagaraj @cursoragent
fix: shorten non-FIPS predictable NIC names on multi-port hardware
fc8520b 
Non-FIPS HWE kernels append np* physical-port suffixes (e.g.
enp153s0f0np0), which breaks VLAN sub-interfaces under Linux's 15-char
limit. Install udev hwdb rules and pin net.naming-scheme=v252 for
non-FIPS Ubuntu builds only; FIPS images are unchanged.

Co-authored-by: Cursor <cursoragent@cursor.com>
@abhinavnagaraj abhinavnagaraj force-pushed the fix/non-fips-net-interface-naming branch from bf434af to fc8520b Compare June 15, 2026 07:07
abhinavnagaraj and others added 3 commits June 15, 2026 21:06
@abhinavnagaraj @cursoragent
fix: strip np* NIC suffix via udev on systemd 249
50681d3 
hwdb ID_NET_NAME_ALLOW_* and net.naming-scheme=v252 do not suppress
phys_port_name suffixes on Ubuntu 22.04. Use a late udev rule instead.

Co-authored-by: Cursor <cursoragent@cursor.com>
@abhinavnagaraj @cursoragent
fix: install np* strip udev rule on all CanvOS OS targets
f3b5644 
Move net-naming into overlay/files and install from base-image for every
supported distribution and image type (ISO, UKI, cloud/agent AWS, MAAS).
VMware and AWS ens* names pass through unchanged.

Co-authored-by: Cursor <cursoragent@cursor.com>
@abhinavnagaraj @cursoragent
fix: gate np* stripping to fresh installs only
1fea35a 
Legacy production nodes keep long interface names across day-2 provider
upgrades. Fresh installs write /oem/.canvos-strip-np-enabled during
after-install so new bare-metal nodes get VLAN-safe short names.

Co-authored-by: Cursor <cursoragent@cursor.com>
@abhinavnagaraj abhinavnagaraj changed the title [WIP]fix: shorten non-FIPS predictable NIC names on multi-port hardware fix: shorten non-FIPS NIC names on fresh bare-metal installs Jun 15, 2026
@abhinavnagaraj @cursoragent
docs: clarify OEM marker is source of truth for np* stripping
fb74021 
Document that /etc/canvos/strip-np-enabled is an initramfs/early-boot
fallback and may not persist after install; /oem/.canvos-strip-np-enabled
is the durable install marker on deployed nodes.

Co-authored-by: Cursor <cursoragent@cursor.com>
@abhinavnagaraj abhinavnagaraj changed the title fix: shorten non-FIPS NIC names on fresh bare-metal installs PVM-681: shorten non-FIPS NIC names on fresh bare-metal installs Jun 16, 2026
@abhinavnagaraj abhinavnagaraj changed the title PVM-681: shorten non-FIPS NIC names on fresh bare-metal installs [WIP]PVM-681: shorten non-FIPS NIC names on fresh bare-metal installs Jun 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@santhoshdaivajna santhoshdaivajna Awaiting requested review from santhoshdaivajna

@nianyush nianyush Awaiting requested review from nianyush

@rishi-anand rishi-anand Awaiting requested review from rishi-anand

@vipsharm vipsharm Awaiting requested review from vipsharm

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

do-not-merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@abhinavnagaraj