[lxc-devel] [lxd/master] Bugfixes

stgraber on Github lxc-bot at linuxcontainers.org
Wed May 24 04:41:57 UTC 2017


From 4f72309199beee7e3cb1f95f6e1beecb7b03258d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Tue, 23 May 2017 22:52:53 -0400
Subject: [PATCH 1/5] lxc: Fix obscure error on missing object name
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #3230

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxc/network.go | 4 ++++
 lxc/storage.go | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/lxc/network.go b/lxc/network.go
index 0fdea242e..be0dfcd58 100644
--- a/lxc/network.go
+++ b/lxc/network.go
@@ -504,6 +504,10 @@ func (c *networkCmd) doNetworkSet(client *lxd.Client, name string, args []string
 }
 
 func (c *networkCmd) doNetworkShow(client *lxd.Client, name string) error {
+	if name == "" {
+		return errArgs
+	}
+
 	network, err := client.NetworkGet(name)
 	if err != nil {
 		return err
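Review bot: The empty-name guard added at the top of doNetworkShow covers only this one CLI entry point; `client.NetworkGet(name)` is still called with whatever string any other caller passes, so the obscure error the commit title refers to can presumably still be reached elsewhere. Consider performing the check inside the client method instead, or at least stating the intent here with a comment such as `// Reject an empty name before it reaches the API call`. The same applies to doStoragePoolShow and `client.StoragePoolGet(name)` in the lxc/storage.go hunk. Both function bodies continue past the end of their hunks.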
diff --git a/lxc/storage.go b/lxc/storage.go
index 50bcc2a95..abd34efc7 100644
--- a/lxc/storage.go
+++ b/lxc/storage.go
@@ -649,6 +649,10 @@ func (c *storageCmd) doStoragePoolSet(client *lxd.Client, name string, args []st
 }
 
 func (c *storageCmd) doStoragePoolShow(client *lxd.Client, name string) error {
+	if name == "" {
+		return errArgs
+	}
+
 	pool, err := client.StoragePoolGet(name)
 	if err != nil {
 		return err

From 877744a1074985c5fa2f5954f95f2e71f72a7c3e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Tue, 23 May 2017 23:22:56 -0400
Subject: [PATCH 2/5] lxd/containers: fillNetworkDevice is only for nic
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxd/container_lxc.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index 32b37a5db..db1a8536e 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -5960,15 +5960,15 @@ func (c *containerLXC) removeNetworkFilter(hwaddr string, bridge string) error {
 
 func (c *containerLXC) removeNetworkFilters() error {
 	for k, m := range c.expandedDevices {
+		if m["type"] != "nic" || m["nictype"] != "bridged" {
+			continue
+		}
+
 		m, err := c.fillNetworkDevice(k, m)
 		if err != nil {
 			return err
 		}
 
-		if m["type"] != "nic" || m["nictype"] != "bridged" {
-			continue
-		}
-
 		err = c.removeNetworkFilter(m["hwaddr"], m["parent"])
 		if err != nil {
 			return err
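Review bot: In the loop of removeNetworkFilters, `m, err := c.fillNetworkDevice(k, m)` declares a new `m` that shadows the range variable, so after this change the type/nictype test reads the raw device while `m["hwaddr"]` and `m["parent"]` read the filled copy under the same name. A distinct name makes that explicit: `dev, err := c.fillNetworkDevice(k, m)` followed by `c.removeNetworkFilter(dev["hwaddr"], dev["parent"])`. Separately, both `return err` paths stop at the first failing device, which leaves the filter rules of any remaining bridged NICs in place; it is worth confirming that callers retry or that this is intended. The function body continues past the end of the hunk.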

From 85a9930418eee961be4cd5b6e8d74b777a89c56e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Tue, 23 May 2017 23:58:24 -0400
Subject: [PATCH 3/5] lxd/containers: Also clear the host_name volatile
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxd/container_lxc.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index db1a8536e..22c56f432 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -1868,8 +1868,8 @@ func (c *containerLXC) startCommon() (string, error) {
 			continue
 		}
 
-		// The only device keys we care about are name and hwaddr
-		if !shared.StringInSlice(fields[2], []string{"name", "hwaddr"}) {
+		// The only device keys we care about are name, hwaddr and host_name
+		if !shared.StringInSlice(fields[2], []string{"name", "hwaddr", "host_name"}) {
 			continue
 		}
 

From 7e573af57ba31a377fbc1c37fdd7a471b7c3f74b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Tue, 23 May 2017 23:59:39 -0400
Subject: [PATCH 4/5] lxd/containers: Cleanup volatile keys on update
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #3231

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 lxd/container_lxc.go | 90 ++++++++++++++++++++++++----------------------------
 1 file changed, 42 insertions(+), 48 deletions(-)

diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index 22c56f432..3042a1471 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -1847,51 +1847,6 @@ func (c *containerLXC) startCommon() (string, error) {
 		return "", err
 	}
 
-	// Cleanup any leftover volatile entries
-	netNames := []string{}
-	for _, k := range c.expandedDevices.DeviceNames() {
-		v := c.expandedDevices[k]
-		if v["type"] == "nic" {
-			netNames = append(netNames, k)
-		}
-	}
-
-	for k := range c.localConfig {
-		// We only care about volatile
-		if !strings.HasPrefix(k, "volatile.") {
-			continue
-		}
-
-		// Confirm it's a key of format volatile.<device>.<key>
-		fields := strings.SplitN(k, ".", 3)
-		if len(fields) != 3 {
-			continue
-		}
-
-		// The only device keys we care about are name, hwaddr and host_name
-		if !shared.StringInSlice(fields[2], []string{"name", "hwaddr", "host_name"}) {
-			continue
-		}
-
-		// Check if the device still exists
-		if shared.StringInSlice(fields[1], netNames) {
-			// Don't remove the volatile entry if the device doesn't have the matching field set
-			if c.expandedDevices[fields[1]][fields[2]] == "" {
-				continue
-			}
-		}
-
-		// Remove the volatile key from the DB
-		err := dbContainerConfigRemove(c.daemon.db, c.id, k)
-		if err != nil {
-			return "", err
-		}
-
-		// Remove the volatile key from the in-memory configs
-		delete(c.localConfig, k)
-		delete(c.expandedConfig, k)
-	}
-
 	// Rotate the log file
 	logfile := c.LogFilePath()
 	if shared.PathExists(logfile) {
@@ -3896,6 +3851,45 @@ func (c *containerLXC) Update(args containerArgs, userRequested bool) error {
 		}
 	}
 
+	// Cleanup any leftover volatile entries
+	netNames := []string{}
+	for _, k := range c.expandedDevices.DeviceNames() {
+		v := c.expandedDevices[k]
+		if v["type"] == "nic" {
+			netNames = append(netNames, k)
+		}
+	}
+
+	for k := range c.localConfig {
+		// We only care about volatile
+		if !strings.HasPrefix(k, "volatile.") {
+			continue
+		}
+
+		// Confirm it's a key of format volatile.<device>.<key>
+		fields := strings.SplitN(k, ".", 3)
+		if len(fields) != 3 {
+			continue
+		}
+
+		// The only device keys we care about are name and hwaddr
+		if !shared.StringInSlice(fields[2], []string{"name", "hwaddr", "host_name"}) {
+			continue
+		}
+
+		// Check if the device still exists
+		if shared.StringInSlice(fields[1], netNames) {
+			// Don't remove the volatile entry if the device doesn't have the matching field set
+			if c.expandedDevices[fields[1]][fields[2]] == "" {
+				continue
+			}
+		}
+
+		// Remove the volatile key from the in-memory configs
+		delete(c.localConfig, k)
+		delete(c.expandedConfig, k)
+	}
+
 	// Finally, apply the changes to the database
 	tx, err := dbBegin(c.daemon.db)
 	if err != nil {
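Review bot: The comment `// The only device keys we care about are name and hwaddr` in the block added to Update is stale, because the list on the next line also contains `host_name`; it should read `// The only device keys we care about are name, hwaddr and host_name`, as it did in the block removed from startCommon. The block also deletes from c.localConfig and c.expandedConfig before `dbBegin` is called, so if the transaction later fails the in-memory maps have already lost those keys unless Update restores them on error, which is not visible in this hunk. Update starts and ends outside the hunk.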
@@ -3908,19 +3902,19 @@ func (c *containerLXC) Update(args containerArgs, userRequested bool) error {
 		return err
 	}
 
-	err = dbContainerConfigInsert(tx, c.id, args.Config)
+	err = dbContainerConfigInsert(tx, c.id, c.localConfig)
 	if err != nil {
 		tx.Rollback()
 		return err
 	}
 
-	err = dbContainerProfilesInsert(tx, c.id, args.Profiles)
+	err = dbContainerProfilesInsert(tx, c.id, c.profiles)
 	if err != nil {
 		tx.Rollback()
 		return err
 	}
 
-	err = dbDevicesAdd(tx, "container", int64(c.id), args.Devices)
+	err = dbDevicesAdd(tx, "container", int64(c.id), c.localDevices)
 	if err != nil {
 		tx.Rollback()
 		return err
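Review bot: The three inserts switch from args.Config, args.Profiles and args.Devices to c.localConfig, c.profiles and c.localDevices without a comment explaining why, and what gets persisted now depends on assignments made earlier in Update that are outside this hunk. A short comment before the first insert would help, for example `// Write the container's in-memory state so the volatile cleanup above is persisted`. If c.localConfig is the same map as args.Config (not visible here), the earlier `delete(c.localConfig, k)` calls also modify the caller's map, which deserves a note or a copy. Update's body continues outside the hunk.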

From 83bda7c1d00f0cfef52f93e0afa87e369effd211 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Wed, 24 May 2017 00:13:22 -0400
Subject: [PATCH 5/5] doc: Add section on macvlan vs bridge
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #3273

Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
 doc/containers.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/doc/containers.md b/doc/containers.md
index f47e10d45..c66207238 100644
--- a/doc/containers.md
+++ b/doc/containers.md
@@ -176,6 +176,23 @@ ipv4.address            | string    | -                 | no        | bridged
 ipv6.address            | string    | -                 | no        | bridged                       | network       | An IPv6 address to assign to the container through DHCP
 security.mac\_filtering | boolean   | false             | no        | bridged                       | network       | Prevent the container from spoofing another's MAC address
 
+#### bridged or macvlan for connection to physical network
+The "bridged" and "macvlan" interface types can both be used to connect
+to an existing physical network.
+
+macvlan effectively lets you fork your physical NIC, getting a second
+interface that's then used by the container. This saves you from
+creating a bridge device and veth pairs and usually offers better
+performance than a bridge.
+
+The downside to this is that macvlan devices while able to communicate
+between themselves and to the outside, aren't able to talk to their
+parent device. This means that you can't use macvlan if you ever need
+your containers to talk to the host itself.
+
+In such case, a bridge is preferable. A bridge will also let you use mac
+filtering and I/O limits which cannot be applied to a macvlan device.
+
 ### Type: disk
 Disk entries are essentially mountpoints inside the container. They can
 either be a bind-mount of an existing file or directory on the host, or

