From cfe08b9c7149a5dc1b70d665ce918cede8e484ba Mon Sep 17 00:00:00 2001 From: Nik Lutz Date: Wed, 18 May 2016 18:20:33 +0200 Subject: Replacing systemd-nspawn '--network-bridge=' with one config file per interface in /etc/network/interfaces.d. Signed-off-by: Daniel Baumann --- lib/container/create | 2 +- lib/container/start | 32 ++++++++++++++++++++++++++------ share/config/container.conf.in | 2 +- share/scripts/debconf | 5 ++++- 4 files changed, 32 insertions(+), 9 deletions(-) diff --git a/lib/container/create b/lib/container/create index 4d1d19b..4514a81 100755 --- a/lib/container/create +++ b/lib/container/create @@ -128,6 +128,7 @@ done mkdir -p "${CONFIG}" sed -e "s|@CNT_AUTOSTART@|${CNT_AUTOSTART}|g" \ + -e "s|@CNT_NETWORK_BRIDGE@|${CNT_NETWORK_BRIDGE}|g" \ -e "s|@NAME@|${NAME}|g" \ -e "s|@BIND@|${BIND}|g" \ -e "s|@BOOT@|yes|g" \ @@ -136,7 +137,6 @@ sed -e "s|@CNT_AUTOSTART@|${CNT_AUTOSTART}|g" \ -e "s|@DROP_CAPABILITY@|${DROP_CAPABILITY}|g" \ -e "s|@MACHINE@|${NAME}|g" \ -e "s|@NETWORK_VETH_EXTRA@|${NETWORK_VETH_EXTRA}|g" \ - -e "s|@NETWORK_BRIDGE@|br0|g" \ -e "s|@LINK_JOURNAL@|no|g" \ -e "s|@REGISTER@|yes|g" \ /usr/share/container-tools/config/container.conf.in > "${CONFIG}/${NAME}.conf" diff --git a/lib/container/start b/lib/container/start index fa717dd..112ee9b 100755 --- a/lib/container/start +++ b/lib/container/start @@ -185,15 +185,34 @@ then MACHINE="--machine=${NAME}" - NETWORK_BRIDGE="$(awk -F= '/^network-bridge=/ { print $2 }' ${CONFIG}/${NAME}.conf)" + NETWORK_BRIDGES="$(awk -F= '/^cnt.network-bridge=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - case "${NETWORK_BRIDGE}" in + case "${NETWORK_BRIDGES}" in "") - NETWORK_BRIDGE="" ;; *) - NETWORK_BRIDGE="--network-bridge=${NETWORK_BRIDGE}" + for BRIDGE_DEFINITION in ${NETWORK_BRIDGES} + do + INTERFACE="$(echo ${BRIDGE_DEFINITION} | awk -F: '{ print $1 }')" + BRIDGE="$(echo ${BRIDGE_DEFINITION} | awk -F: '{ print $2 }')" + + if [ -n "${BRIDGE}" ] && [ -n "${INTERFACE}" ] + then + +cat > "/etc/network/interfaces.d/${INTERFACE}" << EOF +allow-hotplug ${INTERFACE} +iface ${INTERFACE} inet manual + pre-up ifconfig ${INTERFACE} up + post-up brctl addif ${BRIDGE} ${INTERFACE} + pre-down brctl delif ${BRIDGE} ${INTERFACE} + post-down ifconfig ${INTERFACE} down +EOF + + else + echo "'${BRIDGE_DEFINITION}': no such devices, ignoring" >&2 + fi + done ;; esac @@ -211,6 +230,7 @@ then INTERFACE="$(echo ${VETH} | awk -F: '{ print $1 }')" cat > "/etc/network/interfaces.d/${INTERFACE}" << EOF +allow-hotplug ${INTERFACE} iface ${INTERFACE} inet manual pre-up ifconfig ${INTERFACE} up post-down ifconfig ${INTERFACE} down @@ -312,11 +332,11 @@ fi # Run case "${SET_PROPERTY}" in true) - ${SETARCH} systemd-nspawn ${BIND} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_BRIDGE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} & \ + ${SETARCH} systemd-nspawn ${BIND} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} & \ systemctl --runtime set-property ${NAME} ${BLOCK_IO_DEVICE_WEIGHT} ${BLOCK_IO_READ_BANDWITH} ${BLOCK_IO_WEIGHT} ${BLOCK_IO_WRITE_BANDWITH} ${CPU_QUOTA} ${CPU_SHARES} ${MEMORY_LIMIT} ${TASKS_MAX} ;; *) - ${SETARCH} systemd-nspawn ${BIND} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_BRIDGE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} + ${SETARCH} systemd-nspawn ${BIND} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} ;; esac diff --git a/share/config/container.conf.in b/share/config/container.conf.in index f7d01be..5ea342a 100644 --- a/share/config/container.conf.in +++ b/share/config/container.conf.in @@ -2,6 +2,7 @@ [start] cnt.autostart=@CNT_AUTOSTART@ +cnt.network-bridge=@CNT_NETWORK_BRIDGE@ bind=@BIND@ boot=@BOOT@ capability=@CAPABILITY@ @@ -9,7 +10,6 @@ directory=@DIRECTORY@ drop-capability=@DROP_CAPABILITY@ machine=@MACHINE@ network-veth-extra=@NETWORK_VETH_EXTRA@ -network-bridge=@NETWORK_BRIDGE@ link-journal=@LINK_JOURNAL@ register=@REGISTER@ diff --git a/share/scripts/debconf b/share/scripts/debconf index bbdd65c..3bacbeb 100755 --- a/share/scripts/debconf +++ b/share/scripts/debconf @@ -902,12 +902,12 @@ Commands () fi # config (FIXME) - sed -i -e "s|^network-bridge=.*|network-bridge=${NETWORK0_BRIDGE}|" "${CONFIG}/${NAME}.conf" # maximum of 15 characters, prefix is 'veth-' HOSTNAME_SHORT="$(echo ${NAME} | cut -c-8)" HOST_INTERFACE_NAME="$(echo ${NETWORK0_VETH:-veth-${HOSTNAME_SHORT}-0})" + sed -i -e "s|^cnt.network-bridge=.*|cnt.network-bridge=${HOST_INTERFACE_NAME}:${NETWORK0_BRIDGE:-br0}|g" "${CONFIG}/${NAME}.conf" sed -i -e "s|^network-veth-extra=.*|network-veth-extra=${HOST_INTERFACE_NAME}:eth0|g" "${CONFIG}/${NAME}.conf" for NUMBER in $(seq 1 ${NETWORK_NUMBER}) @@ -925,6 +925,9 @@ Commands () CONTAINER_INTERFACE_NAME="eth${NUMBER}" sed -i -e "/^register=.*/ a network-veth-extra=${HOST_INTERFACE_NAME}:${CONTAINER_INTERFACE_NAME}" "${CONFIG}/${NAME}.conf" + + eval BRIDGE="$`echo NETWORK${NUMBER}_BRIDGE`" + sed -i -e "/^register=.*/ a cnt.network-bridge=${HOST_INTERFACE_NAME}:${BRIDGE:-br${NUMBER}}" "${CONFIG}/${NAME}.conf" done # Setting root password -- cgit v1.2.3