[lxc-devel] [lxd/master] Add limits to routed & tweak network list
stgraber on Github
lxc-bot at linuxcontainers.org
Mon May 25 20:31:03 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 301 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200525/b2448436/attachment.bin>
-------------- next part --------------
From 464ce02658ce93f962485331317501665cd75c51 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Mon, 25 May 2020 13:05:09 -0400
Subject: [PATCH 1/3] lxc/network: Add IPv4/IPv6 columns
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxc/network.go | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/lxc/network.go b/lxc/network.go
index 2c24635e5a..e86e50600b 100644
--- a/lxc/network.go
+++ b/lxc/network.go
@@ -855,7 +855,15 @@ func (c *cmdNetworkList) Run(cmd *cobra.Command, args []string) error {
}
strUsedBy := fmt.Sprintf("%d", len(network.UsedBy))
- details := []string{network.Name, network.Type, strManaged, network.Description, strUsedBy}
+ details := []string{
+ network.Name,
+ network.Type,
+ strManaged,
+ network.Config["ipv4.address"],
+ network.Config["ipv6.address"],
+ network.Description,
+ strUsedBy,
+ }
if resource.server.IsClustered() {
details = append(details, strings.ToUpper(network.Status))
}
@@ -867,6 +875,8 @@ func (c *cmdNetworkList) Run(cmd *cobra.Command, args []string) error {
i18n.G("NAME"),
i18n.G("TYPE"),
i18n.G("MANAGED"),
+ i18n.G("IPV4"),
+ i18n.G("IPV6"),
i18n.G("DESCRIPTION"),
i18n.G("USED BY"),
}
From 6bc26a9ecbdd6fc918411476822c3185f22efefb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Mon, 25 May 2020 16:29:59 -0400
Subject: [PATCH 2/3] api: Add container_nic_routed_limits
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
doc/api-extensions.md | 3 +++
shared/version/api.go | 1 +
2 files changed, 4 insertions(+)
diff --git a/doc/api-extensions.md b/doc/api-extensions.md
index dfb2c878fa..2361e704dd 100644
--- a/doc/api-extensions.md
+++ b/doc/api-extensions.md
@@ -1041,3 +1041,6 @@ It also introduces the following new endpoint:
## network\_dns\_search
This introduces the `dns.search` config option on networks.
+
+## container\_nic\_routed\_limits
+This introduces `limits.ingress`, `limits.egress` and `limits.max` for routed NICs.
diff --git a/shared/version/api.go b/shared/version/api.go
index 975d0221cf..cecebe0847 100644
--- a/shared/version/api.go
+++ b/shared/version/api.go
@@ -211,6 +211,7 @@ var APIExtensions = []string{
"resources_system",
"images_push_relay",
"network_dns_search",
+ "container_nic_routed_limits",
}
// APIExtensionsCount returns the number of available API extensions.
From d56333ab8292a56daf9f98969c31219dc5b5cfd1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Mon, 25 May 2020 16:30:12 -0400
Subject: [PATCH 3/3] lxd/device/nic/routed: Add limits support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Closes #7318
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
doc/instances.md | 3 +++
lxd/device/nic_routed.go | 36 ++++++++++++++++++++++++++++++++++--
2 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/doc/instances.md b/doc/instances.md
index 0991bd9c41..7d6328f504 100644
--- a/doc/instances.md
+++ b/doc/instances.md
@@ -474,6 +474,9 @@ name | string | kernel assigned | no | The name o
host\_name | string | randomly assigned | no | The name of the interface inside the host
mtu | integer | parent MTU | no | The MTU of the new interface
hwaddr | string | randomly assigned | no | The MAC address of the new interface
+limits.ingress | string | - | no | I/O limit in bit/s for incoming traffic (various suffixes supported, see below)
+limits.egress | string | - | no | I/O limit in bit/s for outgoing traffic (various suffixes supported, see below)
+limits.max | string | - | no | Same as modifying both limits.ingress and limits.egress
ipv4.address | string | - | no | Comma delimited list of IPv4 static addresses to add to the instance
ipv4.gateway | string | auto | no | Whether to add an automatic default IPv4 gateway, can be "auto" or "none"
ipv4.host\_address | string | 169.254.0.1 | no | The IPv4 address to add to the host-side veth interface.
diff --git a/lxd/device/nic_routed.go b/lxd/device/nic_routed.go
index 3aa0681338..15c0548b3d 100644
--- a/lxd/device/nic_routed.go
+++ b/lxd/device/nic_routed.go
@@ -23,7 +23,7 @@ type nicRouted struct {
}
func (d *nicRouted) CanHotPlug() (bool, []string) {
- return false, []string{}
+ return false, []string{"limits.ingress", "limits.egress", "limits.max"}
}
// validateConfig checks the supplied config for correctness.
@@ -40,6 +40,9 @@ func (d *nicRouted) validateConfig(instConf instance.ConfigReader) error {
"hwaddr",
"host_name",
"vlan",
+ "limits.ingress",
+ "limits.egress",
+ "limits.max",
"ipv4.gateway",
"ipv6.gateway",
"ipv4.host_address",
@@ -292,14 +295,43 @@ func (d *nicRouted) setupParentSysctls(parentName string) error {
return nil
}
+// Update returns an error as most devices do not support live updates without being restarted.
+func (d *nicRouted) Update(oldDevices deviceConfig.Devices, isRunning bool) error {
+ v := d.volatileGet()
+
+ // If instance is running, apply host side limits.
+ if isRunning {
+ err := d.validateEnvironment()
+ if err != nil {
+ return err
+ }
+
+ // Apply host-side limits.
+ d.config["host_name"] = v["host_name"]
+ err = networkSetVethLimits(d.config)
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
// postStart is run after the instance is started.
func (d *nicRouted) postStart() error {
v := d.volatileGet()
// If volatile host_name is defined (and it should be), then configure the host-side interface.
if v["host_name"] != "" {
+ // Apply host-side limits.
+ d.config["host_name"] = v["host_name"]
+ err := networkSetVethLimits(d.config)
+ if err != nil {
+ return err
+ }
+
// Attempt to disable IPv6 router advertisement acceptance.
- err := util.SysctlSet(fmt.Sprintf("net/ipv6/conf/%s/accept_ra", v["host_name"]), "0")
+ err = util.SysctlSet(fmt.Sprintf("net/ipv6/conf/%s/accept_ra", v["host_name"]), "0")
if err != nil && !os.IsNotExist(err) {
return err
}
More information about the lxc-devel
mailing list