[lxc-devel] [lxd/master] IPVLAN cleanup
tomponline on Github
lxc-bot at linuxcontainers.org
Fri May 10 07:57:20 UTC 2019
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 435 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190510/7275c8a8/attachment.bin>
-------------- next part --------------
From c1f7f15ee30b198fffa6d44f6370d334746119b2 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Fri, 10 May 2019 08:47:29 +0100
Subject: [PATCH 1/2] test: ipvlan test activates ipv4 forwarding
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
test/suites/container_devices_nic_ipvlan.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/test/suites/container_devices_nic_ipvlan.sh b/test/suites/container_devices_nic_ipvlan.sh
index 2e7d98224f..737bd92005 100644
--- a/test/suites/container_devices_nic_ipvlan.sh
+++ b/test/suites/container_devices_nic_ipvlan.sh
@@ -16,6 +16,7 @@ test_container_devices_nic_ipvlan() {
# Check that starting IPVLAN container.
sysctl net.ipv6.conf."${ct_name}".proxy_ndp=1
sysctl net.ipv6.conf."${ct_name}".forwarding=1
+ sysctl net.ipv4.conf."${ct_name}".forwarding=1
lxc init testimage "${ct_name}"
lxc config device add "${ct_name}" eth0 nic \
nictype=ipvlan \
From bdc6452b5428066c8cb26fd14f40e874084c589f Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Fri, 10 May 2019 08:48:22 +0100
Subject: [PATCH 2/2] container/lxc: Moves IPVLAN init code into own function
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/container_lxc.go | 112 +++++++++++++++++++++++--------------------
1 file changed, 61 insertions(+), 51 deletions(-)
diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index 24ae77f413..4955294dbf 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -1672,60 +1672,10 @@ func (c *containerLXC) initLXC(config bool) error {
return err
}
} else if m["nictype"] == "ipvlan" {
- err = c.checkIPVLANSupport()
+ err = c.initLXCIPVLAN(cc, networkKeyPrefix, networkidx, m)
if err != nil {
return err
}
-
- err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.type", networkKeyPrefix, networkidx), "ipvlan")
- if err != nil {
- return err
- }
-
- err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipvlan.mode", networkKeyPrefix, networkidx), "l3s")
- if err != nil {
- return err
- }
-
- err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipvlan.isolation", networkKeyPrefix, networkidx), "bridge")
- if err != nil {
- return err
- }
-
- err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.l2proxy", networkKeyPrefix, networkidx), "1")
- if err != nil {
- return err
- }
-
- if m["ipv4.address"] != "" {
- for _, addr := range strings.Split(m["ipv4.address"], ",") {
- addr = strings.TrimSpace(addr)
- err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipv4.address", networkKeyPrefix, networkidx), fmt.Sprintf("%s/32", addr))
- if err != nil {
- return err
- }
- }
-
- err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipv4.gateway", networkKeyPrefix, networkidx), "dev")
- if err != nil {
- return err
- }
- }
-
- if m["ipv6.address"] != "" {
- for _, addr := range strings.Split(m["ipv6.address"], ",") {
- addr = strings.TrimSpace(addr)
- err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipv6.address", networkKeyPrefix, networkidx), fmt.Sprintf("%s/128", addr))
- if err != nil {
- return err
- }
- }
-
- err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipv6.gateway", networkKeyPrefix, networkidx), "dev")
- if err != nil {
- return err
- }
- }
}
// Check if the container has network specific keys set to avoid unnecessarily running the network up hook.
@@ -1943,6 +1893,66 @@ func (c *containerLXC) initLXC(config bool) error {
return nil
}
+// initLXCIPVLAN runs as part of initLXC function and initialises liblxc with the IPVLAN config.
+func (c *containerLXC) initLXCIPVLAN(cc *lxc.Container, networkKeyPrefix string, networkidx int, m map[string]string) error {
+ err := c.checkIPVLANSupport()
+ if err != nil {
+ return err
+ }
+
+ err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.type", networkKeyPrefix, networkidx), "ipvlan")
+ if err != nil {
+ return err
+ }
+
+ err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipvlan.mode", networkKeyPrefix, networkidx), "l3s")
+ if err != nil {
+ return err
+ }
+
+ err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipvlan.isolation", networkKeyPrefix, networkidx), "bridge")
+ if err != nil {
+ return err
+ }
+
+ err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.l2proxy", networkKeyPrefix, networkidx), "1")
+ if err != nil {
+ return err
+ }
+
+ if m["ipv4.address"] != "" {
+ for _, addr := range strings.Split(m["ipv4.address"], ",") {
+ addr = strings.TrimSpace(addr)
+ err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipv4.address", networkKeyPrefix, networkidx), fmt.Sprintf("%s/32", addr))
+ if err != nil {
+ return err
+ }
+ }
+
+ err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipv4.gateway", networkKeyPrefix, networkidx), "dev")
+ if err != nil {
+ return err
+ }
+ }
+
+ if m["ipv6.address"] != "" {
+ for _, addr := range strings.Split(m["ipv6.address"], ",") {
+ addr = strings.TrimSpace(addr)
+ err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipv6.address", networkKeyPrefix, networkidx), fmt.Sprintf("%s/128", addr))
+ if err != nil {
+ return err
+ }
+ }
+
+ err = lxcSetConfigItem(cc, fmt.Sprintf("%s.%d.ipv6.gateway", networkKeyPrefix, networkidx), "dev")
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
// Initialize storage interface for this container
func (c *containerLXC) initStorage() error {
if c.storage != nil {
More information about the lxc-devel
mailing list