[lxc-devel] [lxd/master] Network: Adds support for "none" in "ipv4.address" and "ipv6.address" settings
tomponline on Github
lxc-bot at linuxcontainers.org
Mon Oct 19 10:26:15 UTC 2020
From 0e5c2730002452dbc53a11c3dab6e681cd19d3df Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 19 Oct 2020 09:29:59 +0100
Subject: [PATCH 1/4] lxd/network/driver/ovn: Allows "none" as value for
ipv4.address and ipv6.address
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/driver_ovn.go | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
index 5ea70ba071..04b846b3f1 100644
--- a/lxd/network/driver_ovn.go
+++ b/lxd/network/driver_ovn.go
@@ -120,14 +120,14 @@ func (n *ovn) Validate(config map[string]string) error {
"bridge.hwaddr": validate.Optional(validate.IsNetworkMAC),
"bridge.mtu": validate.Optional(validate.IsNetworkMTU),
"ipv4.address": func(value string) error {
- if validate.IsOneOf(value, []string{"auto"}) == nil {
+ if validate.IsOneOf(value, []string{"none", "auto"}) == nil {
return nil
}
return validate.Optional(validate.IsNetworkAddressCIDRV4)(value)
},
"ipv6.address": func(value string) error {
- if validate.IsOneOf(value, []string{"auto"}) == nil {
+ if validate.IsOneOf(value, []string{"none", "auto"}) == nil {
return nil
}
@@ -219,7 +219,7 @@ func (n *ovn) Validate(config map[string]string) error {
// If NAT disabled, check subnets are within the uplink network's routes and project's subnet restrictions.
for _, keyPrefix := range []string{"ipv4", "ipv6"} {
- if !shared.IsTrue(config[fmt.Sprintf("%s.nat", keyPrefix)]) && config[fmt.Sprintf("%s.address", keyPrefix)] != "" {
+ if !shared.IsTrue(config[fmt.Sprintf("%s.nat", keyPrefix)]) && validate.IsOneOf(config[fmt.Sprintf("%s.address", keyPrefix)], []string{"", "none", "auto"}) != nil {
_, ipNet, err := net.ParseCIDR(config[fmt.Sprintf("%s.address", keyPrefix)])
if err != nil {
return err
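Review bot: The skip list `[]string{"", "none", "auto"}` in this condition decides whether the uplink-route and project subnet restriction checks run at all, yet it is written as an inline literal. A different literal, `[]string{"none", ""}`, is repeated in the setup() and instanceDevicePortAdd hunks of patches 3 and 4. A small named helper or package-level slice meaning "no address configured" would keep these guards in step and make the restriction check easier to audit. The address is also looked up twice through `fmt.Sprintf`; binding it once, e.g. `addr := config[keyPrefix+".address"]`, and passing it to `net.ParseCIDR(addr)` would shorten the line. The loop body continues outside the hunk.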
From 9d4ceec468a1fc0d1a81597cddba19793f97951b Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 19 Oct 2020 11:18:44 +0100
Subject: [PATCH 2/4] lxd/network/driver/ovn: Re-run validation of auto
generated address used in FillConfig
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/driver_ovn.go | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
index 04b846b3f1..d8b9b39714 100644
--- a/lxd/network/driver_ovn.go
+++ b/lxd/network/driver_ovn.go
@@ -1122,14 +1122,18 @@ func (n *ovn) deleteUplinkPortPhysical(uplinkNet Network) error {
// FillConfig fills requested config with any default values.
func (n *ovn) FillConfig(config map[string]string) error {
+ changedConfig := false
+
if config["ipv4.address"] == "" {
config["ipv4.address"] = "auto"
+ changedConfig = true
}
if config["ipv6.address"] == "" {
content, err := ioutil.ReadFile("/proc/sys/net/ipv6/conf/default/disable_ipv6")
if err == nil && string(content) == "0\n" {
config["ipv6.address"] = "auto"
+ changedConfig = true
}
}
@@ -1145,6 +1149,8 @@ func (n *ovn) FillConfig(config map[string]string) error {
if config["ipv4.nat"] == "" {
config["ipv4.nat"] = "true"
}
+
+ changedConfig = true
}
if config["ipv6.address"] == "auto" {
@@ -1158,6 +1164,12 @@ func (n *ovn) FillConfig(config map[string]string) error {
if config["ipv6.nat"] == "" {
config["ipv6.nat"] = "true"
}
+
+ changedConfig = true
+ }
+
+ if changedConfig {
+ return n.Validate(config)
}
return nil
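Review bot: FillConfig's doc comment still reads "fills requested config with any default values", but with the `return n.Validate(config)` added here it can also return a validation error, after the caller's map has already been modified. I would extend the comment to say so, e.g. `// FillConfig fills requested config with any default values and re-validates it when an address was generated.`, and add a why-comment above the final check such as `// Validate skips the subnet restriction checks while the address is "auto", so run it again on the generated value.`. The `changedConfig = true` assignments in the first hunk look redundant, since the `== "auto"` branches set the flag again whenever they run. The bodies of those branches are outside the hunks, so this is worth confirming.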
From f3da8b57c47423616e6490c89fb820be6c5dd651 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 19 Oct 2020 11:21:00 +0100
Subject: [PATCH 3/4] lxd/network/driver/ovn: Modify setup() to support
optional IP addresses
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/driver_ovn.go | 66 ++++++++++++++++++++++-----------------
1 file changed, 38 insertions(+), 28 deletions(-)
diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
index d8b9b39714..4e06b123e2 100644
--- a/lxd/network/driver_ovn.go
+++ b/lxd/network/driver_ovn.go
@@ -1371,14 +1371,14 @@ func (n *ovn) setup(update bool) error {
}
}
- if n.getRouterIntPortIPv4Net() != "" {
+ if validate.IsOneOf(n.getRouterIntPortIPv4Net(), []string{"none", ""}) != nil {
routerIntPortIPv4, routerIntPortIPv4Net, err = net.ParseCIDR(n.getRouterIntPortIPv4Net())
if err != nil {
return errors.Wrapf(err, "Failed parsing router's internal port IPv4 Net")
}
}
- if n.getRouterIntPortIPv6Net() != "" {
+ if validate.IsOneOf(n.getRouterIntPortIPv6Net(), []string{"none", ""}) != nil {
routerIntPortIPv6, routerIntPortIPv6Net, err = net.ParseCIDR(n.getRouterIntPortIPv6Net())
if err != nil {
return errors.Wrapf(err, "Failed parsing router's internal port IPv6 Net")
@@ -1509,11 +1509,16 @@ func (n *ovn) setup(update bool) error {
}
revert.Add(func() { client.LogicalSwitchDelete(n.getIntSwitchName()) })
+ var excludeIPV4 []shared.IPRange
+ if routerIntPortIPv4 != nil {
+ excludeIPV4 = []shared.IPRange{{Start: routerIntPortIPv4}}
+ }
+
// Setup IP allocation config on logical switch.
err = client.LogicalSwitchSetIPAllocation(n.getIntSwitchName(), &openvswitch.OVNIPAllocationOpts{
PrefixIPv4: routerIntPortIPv4Net,
PrefixIPv6: routerIntPortIPv6Net,
- ExcludeIPv4: []shared.IPRange{{Start: routerIntPortIPv4}},
+ ExcludeIPv4: excludeIPV4,
})
if err != nil {
return errors.Wrapf(err, "Failed setting IP allocation settings on internal switch")
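Review bot: The new local `excludeIPV4` is capitalised differently from the `ExcludeIPv4` field it feeds and from the neighbouring `routerIntPortIPv4` locals; `excludeIPv4` would match the rest of the function. A short comment on the nil guard, e.g. `// Only exclude the router address when IPv4 is enabled on this network.`, would also explain why the slice may be left nil.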
@@ -1541,40 +1546,41 @@ func (n *ovn) setup(update bool) error {
}
}
- // Create DHCPv4 options for internal switch.
- err = client.LogicalSwitchDHCPv4OptionsSet(n.getIntSwitchName(), dhcpv4UUID, routerIntPortIPv4Net, &openvswitch.OVNDHCPv4Opts{
- ServerID: routerIntPortIPv4,
- ServerMAC: routerMAC,
- Router: routerIntPortIPv4,
- RecursiveDNSServer: uplinkNet.dnsIPv4,
- DomainName: n.getDomainName(),
- LeaseTime: time.Duration(time.Hour * 1),
- MTU: bridgeMTU,
- })
- if err != nil {
- return errors.Wrapf(err, "Failed adding DHCPv4 settings for internal switch")
- }
-
- // Create DHCPv6 options for internal switch.
- err = client.LogicalSwitchDHCPv6OptionsSet(n.getIntSwitchName(), dhcpv6UUID, routerIntPortIPv6Net, &openvswitch.OVNDHCPv6Opts{
- ServerID: routerMAC,
- RecursiveDNSServer: uplinkNet.dnsIPv6,
- DNSSearchList: n.getDNSSearchList(),
- })
- if err != nil {
- return errors.Wrapf(err, "Failed adding DHCPv6 settings for internal switch")
- }
-
- // Generate internal router port IPs (in CIDR format).
+ // Internal router port IPs (in CIDR format).
intRouterIPs := []*net.IPNet{}
+
+ // Create DHCPv4 options for internal switch.
if routerIntPortIPv4Net != nil {
+ err = client.LogicalSwitchDHCPv4OptionsSet(n.getIntSwitchName(), dhcpv4UUID, routerIntPortIPv4Net, &openvswitch.OVNDHCPv4Opts{
+ ServerID: routerIntPortIPv4,
+ ServerMAC: routerMAC,
+ Router: routerIntPortIPv4,
+ RecursiveDNSServer: uplinkNet.dnsIPv4,
+ DomainName: n.getDomainName(),
+ LeaseTime: time.Duration(time.Hour * 1),
+ MTU: bridgeMTU,
+ })
+ if err != nil {
+ return errors.Wrapf(err, "Failed adding DHCPv4 settings for internal switch")
+ }
+
intRouterIPs = append(intRouterIPs, &net.IPNet{
IP: routerIntPortIPv4,
Mask: routerIntPortIPv4Net.Mask,
})
}
+ // Create DHCPv6 options for internal switch.
if routerIntPortIPv6Net != nil {
+ err = client.LogicalSwitchDHCPv6OptionsSet(n.getIntSwitchName(), dhcpv6UUID, routerIntPortIPv6Net, &openvswitch.OVNDHCPv6Opts{
+ ServerID: routerMAC,
+ RecursiveDNSServer: uplinkNet.dnsIPv6,
+ DNSSearchList: n.getDNSSearchList(),
+ })
+ if err != nil {
+ return errors.Wrapf(err, "Failed adding DHCPv6 settings for internal switch")
+ }
+
intRouterIPs = append(intRouterIPs, &net.IPNet{
IP: routerIntPortIPv6,
Mask: routerIntPortIPv6Net.Mask,
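Review bot: When `routerIntPortIPv4Net` or `routerIntPortIPv6Net` is nil, the DHCP options call is now skipped, but nothing in this hunk removes options already stored under `dhcpv4UUID` / `dhcpv6UUID`. If setup() runs as an update on a network whose address was changed from a CIDR to "none", the previous DHCP options may stay in place and keep applying to instance ports. The lookup of those UUIDs is outside the hunk, so this may be handled there. If it is not, each `if` needs an else branch that deletes the existing options, or at least a comment stating where the cleanup happens.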
@@ -1582,6 +1588,10 @@ func (n *ovn) setup(update bool) error {
}
// Create internal router port.
+ if len(intRouterIPs) <= 0 {
+ return fmt.Errorf("No IPs defined for network router")
+ }
+
err = client.LogicalRouterPortAdd(n.getRouterName(), n.getRouterIntPortName(), routerMAC, intRouterIPs...)
if err != nil {
return errors.Wrapf(err, "Failed adding internal router port")
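Review bot: The "No IPs defined for network router" error is raised only here in setup(), after the logical switch and its settings have already been created, even though patch 1 lets Validate accept `ipv4.address=none` together with `ipv6.address=none`. Unless Validate rejects that combination somewhere outside the visible hunks, it would be cleaner to fail there, so an unusable config is refused before any OVN state is touched. In this hunk, `len(intRouterIPs) <= 0` can be written `len(intRouterIPs) == 0`, and the `// Create internal router port.` comment now sits above the guard rather than above the `LogicalRouterPortAdd` call it describes.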
From 78f3c3e7973932ae216bdb7d90ef0267021ed2a8 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Mon, 19 Oct 2020 11:21:20 +0100
Subject: [PATCH 4/4] lxd/network/driver/ovn: Updates instanceDevicePortAdd to
support optional IP addresses
Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
lxd/network/driver_ovn.go | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
index 4e06b123e2..ea1616d269 100644
--- a/lxd/network/driver_ovn.go
+++ b/lxd/network/driver_ovn.go
@@ -1900,7 +1900,7 @@ func (n *ovn) instanceDevicePortAdd(instanceID int, instanceName string, deviceN
}
// Get DHCP options IDs.
- if n.getRouterIntPortIPv4Net() != "" {
+ if validate.IsOneOf(n.getRouterIntPortIPv4Net(), []string{"none", ""}) != nil {
_, routerIntPortIPv4Net, err := net.ParseCIDR(n.getRouterIntPortIPv4Net())
if err != nil {
return "", err
@@ -1912,7 +1912,7 @@ func (n *ovn) instanceDevicePortAdd(instanceID int, instanceName string, deviceN
}
}
- if n.getRouterIntPortIPv6Net() != "" {
+ if validate.IsOneOf(n.getRouterIntPortIPv6Net(), []string{"none", ""}) != nil {
_, routerIntPortIPv6Net, err := net.ParseCIDR(n.getRouterIntPortIPv6Net())
if err != nil {
return "", err