From 3ff612915d66026030db5a0feabcc0aa19cb8ef2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20Sp=C3=B6hel?=
Date: Tue, 29 Jun 2021 13:52:59 +0200
Subject: Using openvswitch instead of linux bridges.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Simon Spöhel
Signed-off-by: Daniel Baumann
---
 libexec/container/start | 68 +++++++++++++++++++++++-------------------------
 libexec/container/stop | 6 +++++
 2 files changed, 38 insertions(+), 36 deletions(-)

(limited to 'libexec/container')

diff --git a/libexec/container/start b/libexec/container/start
index 08c3611..6b35ea8 100755
--- a/libexec/container/start
+++ b/libexec/container/start
@@ -367,42 +367,6 @@ then
 ;;
 esac
- NETWORK_BRIDGES="$(awk -Fcnt.network-bridge= '/^cnt.network-bridge=/ { print $2 }' ${CONFIG}/${NAME}.conf)"
-
- case "${NETWORK_BRIDGES}" in
- "")
- ;;
-
- *)
- for BRIDGE_DEFINITION in ${NETWORK_BRIDGES}
- do
- INTERFACE="$(echo ${BRIDGE_DEFINITION} | awk -F: '{ print $1 }')"
- BRIDGE="$(echo ${BRIDGE_DEFINITION} | awk -F: '{ print $2 }')"
-
- if [ "$(echo ${INTERFACE} | wc -c)" -gt 15 ]
- then
- echo "'${INTERFACE}': name exceeds maximum of 15 characters, network might be not working."
- fi
-
- if [ -n "${BRIDGE}" ] && [ -n "${INTERFACE}" ]
- then
-
-cat > "/etc/network/interfaces.d/${INTERFACE}" << EOF
-allow-hotplug ${INTERFACE}
-iface ${INTERFACE} inet manual
- pre-up ip link set ${INTERFACE} up
- post-up ip link set ${INTERFACE} master ${BRIDGE}
- pre-down ip link set ${INTERFACE} nomaster
- post-down ip link set ${INTERFACE} down
-EOF
-
- else
- echo "Warning bridge definition '${BRIDGE_DEFINITION}' not recognized (expected :): Ignoring"
- fi
- done
- ;;
- esac
-
 PRIVATE_USERS="$(awk -Fprivate-users= '/^private-users=/ { print $2 }' ${CONFIG}/${NAME}.conf || echo no)"
 case "${PRIVATE_USERS}" in
@@ -536,3 +500,35 @@ case "${START}" in
 esac
 ;;
 esac
+
+# waiting for systemd-nspawn to create the veth interfaces
+sleep 1
+NETWORK_BRIDGES="$(awk -Fcnt.network-bridge= '/^cnt.network-bridge=/ { print $2 }' ${CONFIG}/${NAME}.conf)"
+
+case "${NETWORK_BRIDGES}" in
+ "")
+ ;;
+
+ *)
+ for BRIDGE_DEFINITION in ${NETWORK_BRIDGES}
+ do
+ INTERFACE="$(echo ${BRIDGE_DEFINITION} | awk -F: '{ print $1 }')"
+ BRIDGE="$(echo ${BRIDGE_DEFINITION} | awk -F: '{ print $2 }')"
+
+ if [ "$(echo ${INTERFACE} | wc -c)" -gt 15 ]
+ then
+ echo "'${INTERFACE}': name exceeds maximum of 15 characters, network might be not working."
+ fi
+
+ if [ -n "${BRIDGE}" ] && [ -n "${INTERFACE}" ]
+ then
+
+ ip link set "${INTERFACE}" up
+ ovs-vsctl --may-exist add-port "${BRIDGE}" "${INTERFACE}"
+
+ else
+ echo "Warning bridge definition '${BRIDGE_DEFINITION}' not recognized (expected :): Ignoring"
+ fi
+ done
+ ;;
+esac
diff --git a/libexec/container/stop b/libexec/container/stop
index 58fc0e9..52b40d1 100755
--- a/libexec/container/stop
+++ b/libexec/container/stop
@@ -261,6 +261,12 @@ case "${VERBOSE}" in
 ;;
 esac
+VETHS="$(awk -Fnetwork-veth-extra= '/^network-veth-extra=/ { print $2 }' ${CONFIG}/${NAME}.conf | awk -F: '{ print $1 }')"
+for VETH in ${VETHS}
+do
+ ovs-vsctl --if-exist del-port "${VETH}"
+done
+
 machinectl ${MODE} ${NAME}
 case "${FORCE}" in
-- 
cgit v1.2.3
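Review bot: In `libexec/container/start`, the fixed `sleep 1` ahead of the bridge loop is a race: when systemd-nspawn has not created the veth within that second, `ip link set "${INTERFACE}" up` fails and nothing in the hunk checks for it, so the container can come up without its bridge attachment and without a clear error. A bounded wait for the interface, attaching only once it exists and reporting to stderr otherwise, is sketched below. `INTERFACE` and `BRIDGE` are taken verbatim from the `.conf` file and passed to `ip` and `ovs-vsctl`, so a check that rejects names starting with `-` or containing characters outside `[A-Za-z0-9_.-]` belongs before these calls. The length test `echo ${INTERFACE} | wc -c` also counts the trailing newline and so warns on a valid 15-character name; `[ "${#INTERFACE}" -gt 15 ]` does not.

```shell
# … unchanged: NETWORK_BRIDGES lookup, case/for headers, INTERFACE/BRIDGE split, length warning …
			if [ -n "${BRIDGE}" ] && [ -n "${INTERFACE}" ]
			then
				# bounded wait until the host-side veth is visible
				TRIES=0
				while [ ! -e "/sys/class/net/${INTERFACE}" ] && [ "${TRIES}" -lt 10 ]
				do
					sleep 1
					TRIES=$((TRIES + 1))
				done

				if [ -e "/sys/class/net/${INTERFACE}" ]
				then
					ip link set "${INTERFACE}" up
					ovs-vsctl --may-exist add-port "${BRIDGE}" "${INTERFACE}"
				else
					echo "'${INTERFACE}': interface did not appear, not attached to '${BRIDGE}'" >&2
				fi
# … unchanged: else branch with the "not recognized" warning, end of loop and case …
```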
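Review bot: In `libexec/container/stop`, the ports to delete are derived from `network-veth-extra=` while `start` adds ports from `cnt.network-bridge=`, so a container whose two settings do not name the same host interface leaves a stale port on the bridge, or has a port removed that `start` never added. Reading the same key on both sides keeps them symmetric, e.g. `VETHS="$(awk -Fcnt.network-bridge= '/^cnt.network-bridge=/ { print $2 }' "${CONFIG}/${NAME}.conf" | awk -F: '{ print $1 }')"`. The documented ovs-vsctl option is `--if-exists`; I would spell it out as `ovs-vsctl --if-exists del-port "${VETH}"` rather than depend on the abbreviated `--if-exist` being accepted. `del-port` without a bridge argument removes the port from whichever bridge holds it, which deserves a short comment above the loop.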