External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-22 05:35:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

lxc: support <interface type='ethernet'>

Browse Source 
This is identical to type='bridge', but without the "connect to a
bridge" part, so it can be handled by using the same functions (and
often even the same cases in switch statements), after renaming
virLXCProcessSetupInterfaceBridged() to virLXCProcessInterfaceTap()
and enhancing it to skip bridge-related items when brname == NULL.

To be truly useful, we need to support setting the ip address on the
host side veth as well as guest side veth (already supported for
type='bridge'), as well as setting the peer address for both.

The <script> element (supported by type='ethernet' in qemu) isn't
supported in this patch. An error is logged at domain start time if it
is encountered. This may be changed in a later patch.
This commit is contained in:
Laine Stump 2016-05-13 13:20:54 -04:00
parent 306b3a8504
commit 002b7704ff
10 changed files with 203 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/lxc/lxc_controller.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2010-2015 Red Hat, Inc.
* Copyright (C) 2010-2016 Red Hat, Inc.
* Copyright IBM Corp. 2008
*
* lxc_controller.c: linux container process controller
@ -371,6 +371,7 @@ static int virLXCControllerGetNICIndexes(virLXCControllerPtr ctrl)
switch (ctrl->def->nets[i]->type) {
case VIR_DOMAIN_NET_TYPE_BRIDGE:
case VIR_DOMAIN_NET_TYPE_NETWORK:
case VIR_DOMAIN_NET_TYPE_ETHERNET:
if (ctrl->def->nets[i]->ifname == NULL)
continue;
if (virNetDevGetIndex(ctrl->def->nets[i]->ifname,
@ -386,7 +387,6 @@ static int virLXCControllerGetNICIndexes(virLXCControllerPtr ctrl)
break;
case VIR_DOMAIN_NET_TYPE_USER:
case VIR_DOMAIN_NET_TYPE_ETHERNET:
case VIR_DOMAIN_NET_TYPE_VHOSTUSER:
case VIR_DOMAIN_NET_TYPE_SERVER:
case VIR_DOMAIN_NET_TYPE_CLIENT:

19
src/lxc/lxc_driver.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2010-2015 Red Hat, Inc.
* Copyright (C) 2010-2016 Red Hat, Inc.
* Copyright IBM Corp. 2008
*
* lxc_driver.c: linux container driver functions
@ -4278,6 +4278,9 @@ lxcDomainAttachDeviceNetLive(virConnectPtr conn,
goto cleanup;
}
if (virLXCProcessValidateInterface(net) < 0)
return -1;
/* preallocate new slot for device */
if (VIR_REALLOC_N(vm->def->nets, vm->def->nnets+1) < 0)
return -1;
@ -4300,15 +4303,15 @@ lxcDomainAttachDeviceNetLive(virConnectPtr conn,
_("No bridge name specified"));
goto cleanup;
}
if (!(veth = virLXCProcessSetupInterfaceBridged(vm->def,
net,
brname)))
if (!(veth = virLXCProcessSetupInterfaceTap(vm->def, net, brname)))
goto cleanup;
} break;
case VIR_DOMAIN_NET_TYPE_ETHERNET:
if (!(veth = virLXCProcessSetupInterfaceTap(vm->def, net, NULL)))
goto cleanup;
break;
case VIR_DOMAIN_NET_TYPE_DIRECT: {
if (!(veth = virLXCProcessSetupInterfaceDirect(conn,
vm->def,
net)))
if (!(veth = virLXCProcessSetupInterfaceDirect(conn, vm->def, net)))
goto cleanup;
} break;
default:
@ -4345,6 +4348,7 @@ lxcDomainAttachDeviceNetLive(virConnectPtr conn,
switch (actualType) {
case VIR_DOMAIN_NET_TYPE_BRIDGE:
case VIR_DOMAIN_NET_TYPE_NETWORK:
case VIR_DOMAIN_NET_TYPE_ETHERNET:
ignore_value(virNetDevVethDelete(veth));
break;
@ -4770,6 +4774,7 @@ lxcDomainDetachDeviceNetLive(virDomainObjPtr vm,
switch (actualType) {
case VIR_DOMAIN_NET_TYPE_BRIDGE:
case VIR_DOMAIN_NET_TYPE_NETWORK:
case VIR_DOMAIN_NET_TYPE_ETHERNET:
if (virNetDevVethDelete(detach->ifname) < 0) {
virDomainAuditNet(vm, detach, NULL, "detach", false);
goto cleanup;

15
src/lxc/lxc_native.c
View File

@ -360,14 +360,13 @@ lxcCreateNetDef(const char *type,
net->mac = macAddr;
if (STREQ(type, "veth")) {
if (!linkdev)
goto error;
net->type = VIR_DOMAIN_NET_TYPE_BRIDGE;
if (VIR_STRDUP(net->data.bridge.brname, linkdev) < 0)
goto error;
if (linkdev) {
net->type = VIR_DOMAIN_NET_TYPE_BRIDGE;
if (VIR_STRDUP(net->data.bridge.brname, linkdev) < 0)
goto error;
} else {
net->type = VIR_DOMAIN_NET_TYPE_ETHERNET;
}
} else if (STREQ(type, "macvlan")) {
net->type = VIR_DOMAIN_NET_TYPE_DIRECT;

53
src/lxc/lxc_process.c
View File

@ -256,9 +256,22 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver,
}
char *virLXCProcessSetupInterfaceBridged(virDomainDefPtr vm,
virDomainNetDefPtr net,
const char *brname)
int
virLXCProcessValidateInterface(virDomainNetDefPtr net)
{
if (net->script) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("scripts are not supported on LXC network interfaces"));
return -1;
}
return 0;
}
char *
virLXCProcessSetupInterfaceTap(virDomainDefPtr vm,
virDomainNetDefPtr net,
const char *brname)
{
char *ret = NULL;
char *parentVeth;
@ -277,13 +290,15 @@ char *virLXCProcessSetupInterfaceBridged(virDomainDefPtr vm,
if (virNetDevSetMAC(containerVeth, &net->mac) < 0)
goto cleanup;
if (vport && vport->virtPortType == VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH) {
if (virNetDevOpenvswitchAddPort(brname, parentVeth, &net->mac,
vm->uuid, vport, virDomainNetGetActualVlan(net)) < 0)
goto cleanup;
} else {
if (virNetDevBridgeAddPort(brname, parentVeth) < 0)
goto cleanup;
if (brname) {
if (vport && vport->virtPortType == VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH) {
if (virNetDevOpenvswitchAddPort(brname, parentVeth, &net->mac, vm->uuid,
vport, virDomainNetGetActualVlan(net)) < 0)
goto cleanup;
} else {
if (virNetDevBridgeAddPort(brname, parentVeth) < 0)
goto cleanup;
}
}
if (virNetDevSetOnline(parentVeth, true) < 0)
@ -530,6 +545,10 @@ static int virLXCProcessSetupInterfaces(virConnectPtr conn,
* to the one defined in the network definition.
*/
net = def->nets[i];
if (virLXCProcessValidateInterface(net) < 0)
return -1;
if (networkAllocateActualDevice(def, net) < 0)
goto cleanup;
@ -546,20 +565,18 @@ static int virLXCProcessSetupInterfaces(virConnectPtr conn,
_("No bridge name specified"));
goto cleanup;
}
if (!(veth = virLXCProcessSetupInterfaceBridged(def,
net,
brname)))
if (!(veth = virLXCProcessSetupInterfaceTap(def, net, brname)))
goto cleanup;
} break;
case VIR_DOMAIN_NET_TYPE_ETHERNET:
if (!(veth = virLXCProcessSetupInterfaceTap(def, net, NULL)))
goto cleanup;
break;
case VIR_DOMAIN_NET_TYPE_DIRECT:
if (!(veth = virLXCProcessSetupInterfaceDirect(conn,
def,
net)))
if (!(veth = virLXCProcessSetupInterfaceDirect(conn, def, net)))
goto cleanup;
break;
case VIR_DOMAIN_NET_TYPE_ETHERNET:
case VIR_DOMAIN_NET_TYPE_USER:
case VIR_DOMAIN_NET_TYPE_VHOSTUSER:
case VIR_DOMAIN_NET_TYPE_SERVER:

9
src/lxc/lxc_process.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2010-2012 Red Hat, Inc.
* Copyright (C) 2010-2012, 2016 Red Hat, Inc.
* Copyright IBM Corp. 2008
*
* lxc_process.h: LXC process lifecycle management
@ -47,9 +47,10 @@ void virLXCProcessAutostartAll(virLXCDriverPtr driver);
int virLXCProcessReconnectAll(virLXCDriverPtr driver,
virDomainObjListPtr doms);
char *virLXCProcessSetupInterfaceBridged(virDomainDefPtr vm,
virDomainNetDefPtr net,
const char *brname);
int virLXCProcessValidateInterface(virDomainNetDefPtr net);
char *virLXCProcessSetupInterfaceTap(virDomainDefPtr vm,
virDomainNetDefPtr net,
const char *brname);
char *virLXCProcessSetupInterfaceDirect(virConnectPtr conn,
virDomainDefPtr def,
virDomainNetDefPtr net);

44
tests/lxcconf2xmldata/lxcconf2xml-ethernet.config Normal file
View File

@ -0,0 +1,44 @@
# Template used to create this container: opensuse
# Template script checksum (SHA-1): 27307e0a95bd81b2c0bd82d6f87fdbe83be075ef
lxc.network.type = veth
lxc.network.flags = up
lxc.network.hwaddr = 02:00:15:8f:05:c1
lxc.network.name = eth0
lxc.network.ipv4 = 192.168.122.2/24
lxc.network.ipv4.gateway = 192.168.122.1
lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3596/64
lxc.network.ipv6.gateway = 2003:db8:1:0:214:1234:fe0b:3595
#remove next line if host DNS configuration should not be available to container
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry = sysfs sys sysfs defaults 0 0
lxc.mount.entry = tmpfs run tmpfs size=8m,mode=0755,nodev,nosuid 0 0
lxc.mount.entry = /etc/resolv.conf etc/resolv.conf none bind,ro 0 0
lxc.rootfs = /var/lib/lxc/migrate_test/rootfs
lxc.utsname = migrate_test
lxc.arch = x86
lxc.autodev=1
lxc.tty = 2
lxc.pts = 1024
lxc.cap.drop = sys_module mac_admin mac_override mknod
# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined
lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm

54
tests/lxcconf2xmldata/lxcconf2xml-ethernet.xml Normal file
View File

@ -0,0 +1,54 @@
<domain type='lxc'>
<name>migrate_test</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>65536</memory>
<currentMemory unit='KiB'>65536</currentMemory>
<vcpu placement='static'>1</vcpu>
<os>
<type arch='i686'>exe</type>
<init>/sbin/init</init>
</os>
<features>
<capabilities policy='allow'>
<mac_admin state='off'/>
<mac_override state='off'/>
<mknod state='off'/>
<sys_module state='off'/>
</capabilities>
</features>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/libexec/libvirt_lxc</emulator>
<filesystem type='mount' accessmode='passthrough'>
<source dir='/var/lib/lxc/migrate_test/rootfs'/>
<target dir='/'/>
</filesystem>
<filesystem type='ram' accessmode='passthrough'>
<source usage='8192' units='KiB'/>
<target dir='/run'/>
</filesystem>
<filesystem type='mount' accessmode='passthrough'>
<source dir='/etc/resolv.conf'/>
<target dir='/etc/resolv.conf'/>
<readonly/>
</filesystem>
<interface type='ethernet'>
<mac address='02:00:15:8f:05:c1'/>
<ip address='192.168.122.2' family='ipv4' prefix='24'/>
<ip address='2003:db8:1:0:214:1234:fe0b:3596' family='ipv6' prefix='64'/>
<route family='ipv4' address='0.0.0.0' gateway='192.168.122.1'/>
<route family='ipv6' address='::' gateway='2003:db8:1:0:214:1234:fe0b:3595'/>
<guest dev='eth0'/>
<link state='up'/>
</interface>
<console type='pty'>
<target type='lxc' port='0'/>
</console>
<console type='pty'>
<target type='lxc' port='1'/>
</console>
</devices>
</domain>

1
tests/lxcconf2xmltest.c
View File

@ -119,6 +119,7 @@ mymain(void)
DO_TEST("cputune", false);
DO_TEST("cpusettune", false);
DO_TEST("blkiotune", false);
DO_TEST("ethernet", false);
virObjectUnref(xmlopt);
virObjectUnref(caps);

42
tests/lxcxml2xmldata/lxc-ethernet.xml Normal file
View File

@ -0,0 +1,42 @@
<domain type='lxc'>
<name>8675309</name>
<uuid>e21987a5-e98e-9c99-0e35-803e4d9ad1fe</uuid>
<memory unit='KiB'>1048576</memory>
<currentMemory unit='KiB'>1048576</currentMemory>
<vcpu placement='static'>1</vcpu>
<resource>
<partition>/machine</partition>
</resource>
<os>
<type arch='x86_64'>exe</type>
<init>/sbin/init</init>
</os>
<idmap>
<uid start='0' target='100000' count='100000'/>
<gid start='0' target='100000' count='100000'/>
</idmap>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
<emulator>/usr/libexec/libvirt_lxc</emulator>
<filesystem type='mount' accessmode='passthrough'>
<source dir='/mach/8675309'/>
<target dir='/'/>
</filesystem>
<interface type='ethernet'>
<mac address='00:16:3e:0f:ef:8a'/>
<ip address='192.168.122.12' family='ipv4' prefix='24'/>
<ip address='192.168.122.13' family='ipv4' prefix='24'/>
<route family='ipv4' address='0.0.0.0' gateway='192.168.122.1'/>
<route family='ipv4' address='192.168.124.0' prefix='24' gateway='192.168.124.1'/>
<target dev='veth0'/>
<guest dev='eth2'/>
</interface>
<console type='pty'>
<target type='lxc' port='0'/>
</console>
</devices>
<seclabel type='none'/>
</domain>

1
tests/lxcxml2xmltest.c
View File

@ -94,6 +94,7 @@ mymain(void)
DO_TEST("idmap");
DO_TEST("capabilities");
DO_TEST("sharenet");
DO_TEST("ethernet");
DO_TEST_FULL("filesystem-root", 0, false,
VIR_DOMAIN_DEF_PARSE_SKIP_OSTYPE_CHECKS);