From 6fd75a18de9c5cf8886e9b974b91edbdf31e7b96 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?=
Date: Tue, 3 Nov 2015 11:42:58 -0500
Subject: Allocate new lxcbr0 subnet at startup time
---
config/init/common/lxc-net.in | 100 +++++++++++++++++++++++++++++++---
1 file changed, 91 insertions(+), 9 deletions(-)
diff --git a/config/init/common/lxc-net.in b/config/init/common/lxc-net.in
index 4985be958..6396e8f32 100644
--- a/config/init/common/lxc-net.in
+++ b/config/init/common/lxc-net.in
@@ -23,6 +23,85 @@ LXC_IPV6_MASK="" LXC_IPV6_NETWORK="" LXC_IPV6_NAT="false" +write_lxc_net() +{ + local i=$1 + cat >> $distrosysconfdir/lxc-net << EOF +# Leave USE_LXC_BRIDGE as "true" if you want to use lxcbr0 for your +# containers. Set to "false" if you'll use virbr0 or another existing +# bridge, or mavlan to your host's NIC. +USE_LXC_BRIDGE="true" + +# If you change the LXC_BRIDGE to something other than lxcbr0, then +# you will also need to update your /etc/lxc/default.conf as well as the +# configuration (/var/lib/lxc//config) for any containers +# already created using the default config to reflect the new bridge +# name. +# If you have the dnsmasq daemon installed, you'll also have to update +# /etc/dnsmasq.d/lxc and restart the system wide dnsmasq daemon. +LXC_BRIDGE="lxcbr0" +LXC_ADDR="10.0.$i.1" +LXC_NETMASK="255.255.255.0" +LXC_NETWORK="10.0.$i.0/24" +LXC_DHCP_RANGE="10.0.$i.2,10.0.$i.254" +LXC_DHCP_MAX="253" +# Uncomment the next line if you'd like to use a conf-file for the lxcbr0 +# dnsmasq. For instance, you can use 'dhcp-host=mail1,10.0.3.100' to have +# container 'mail1' always get ip address 10.0.3.100. +#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf + +# Uncomment the next line if you want lxcbr0's dnsmasq to resolve the .lxc +# domain. You can then add "server=/lxc/10.0.$i.1' (or your actual \$LXC_ADDR) +# to your system dnsmasq configuration file (normally /etc/dnsmasq.conf, +# or /etc/NetworkManager/dnsmasq.d/lxc.conf on systems that use NetworkManager). +# Once these changes are made, restart the lxc-net and network-manager services. +# 'container1.lxc' will then resolve on your host. +#LXC_DOMAIN="lxc" +EOF +} + +configure_lxcbr0() +{ + local i=3 + cat > $distrosysconfdir/lxc-net << EOF +# This file is auto-generated by lxc.postinst if it does not +# exist. Customizations will not be overridden. 
+EOF + # if lxcbr0 exists, keep using the same network + if ip addr show lxcbr0 > /dev/null 2>&1 ; then + i=`ip addr show lxcbr0 | grep "inet\>" | awk '{ print $2 }' | awk -F. '{ print $3 }'` + write_lxc_net $i + return + fi + # if no lxcbr0, find an open 10.0.a.0 network + for l in `ip addr show | grep "inet\>" |awk '{ print $2 }' | grep '^10\.0\.' | sort -n`; do + j=`echo $l | awk -F. '{ print $3 }'` + if [ $j -gt $i ]; then + write_lxc_net $i + return + fi + i=$((j+1)) + done + if [ $i -ne 254 ]; then + write_lxc_net $i + fi +} + +update_lxcnet_config() +{ + local i=3 + # if lxcbr0 exists, keep using the same network + if ip addr show lxcbr0 > /dev/null 2>&1 ; then + return + fi + # our LXC_NET conflicts with an existing interface. Probably first + # run after system install with package pre-install. Find a new subnet + configure_lxcbr0 + + # and re-load the newly created config + [ ! -f $distrosysconfdir/lxc-net ] || . $distrosysconfdir/lxc-net +} + [ ! -f $distrosysconfdir/lxc ] || . $distrosysconfdir/lxc use_iptables_lock="-w" @@ -50,7 +129,19 @@ _ifup() { ip link set dev ${LXC_BRIDGE} up } +cleanup() { + set +e + if [ "$FAILED" = "1" ]; then + echo "Failed to setup lxc-net." >&2 + stop force + exit 1 + fi +} + start() { + + [ ! -f $distrosysconfdir/lxc-net ] && update_lxcnet_config + [ "x$USE_LXC_BRIDGE" = "xtrue" ] || { exit 0; } [ ! -f "${varrun}/network_up" ] || { echo "lxc-net is already running"; exit 1; } @@ -61,15 +152,6 @@ start() { FAILED=1 - cleanup() { - set +e - if [ "$FAILED" = "1" ]; then - echo "Failed to setup lxc-net." >&2 - stop force - exit 1 - fi - } - trap cleanup EXIT HUP INT TERM set -e
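Review bot: In `configure_lxcbr0`, the free-subnet scan pipes the `10.0.` addresses through `sort -n`, which compares only the leading number (`10.0`) and then falls back to byte order, so `10.0.10.1/24` sorts ahead of `10.0.3.1/24`. With both addresses present the loop meets `j=10 > i=3` first and writes 10.0.3.0/24 even though that subnet is already in use, which puts the bridge on a network that overlaps an existing interface. Sorting on the third octet, `sort -t. -k3,3n`, gives the ascending order the loop relies on. Separately, the lxcbr0-exists branch passes `i` to `write_lxc_net` unchecked; it is empty when the bridge has no IPv4 address and multi-valued when it has several, so a digits-only check on `i` before the write would keep a malformed `LXC_ADDR` out of a file that is later sourced.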
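Review bot: `start()` now calls `update_lxcnet_config` before the `USE_LXC_BRIDGE` test, and the file that call generates hard-codes `USE_LXC_BRIDGE="true"` and is sourced immediately. If an administrator has set `USE_LXC_BRIDGE="false"` in `$distrosysconfdir/lxc` (sourced at the top of the script) and no `lxc-net` file exists, the first start would appear to flip the setting back on and bring up a bridge that was deliberately disabled. Running the existing check first, i.e. placing `[ "x$USE_LXC_BRIDGE" = "xtrue" ] || { exit 0; }` above the new line, avoids generating and loading a config on hosts that opted out. The rest of `start()` lies outside this hunk.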