[Devel] [PATCH v2 7/8] automatically add bridge venet0 when needed

Glauber Costa glommer at parallels.com
Fri Mar 22 03:48:21 PDT 2013 

The chosen architecture to deal with --ipadd with upstream containers is to
create a veth pair and add the host side information to a bridge called venet0.
This way, all the code that expects venet0 to exist can still work without
modifications, (or with just a few).

Our intention to do that was actually already stated in the comments, but the
code was removed before merging because --ipadd would not work without full
unshare support anyway.

This patch implements that.

Signed-off-by: Glauber Costa <glommer at parallels.com>
---
 scripts/vps-functions.in |  7 +++++++
 src/lib/hooks_ct.c       | 37 +++++++++++++++++++++++++++++++++++--
 2 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/scripts/vps-functions.in b/scripts/vps-functions.in
index 826c0a1..ab05aa0 100755
--- a/scripts/vps-functions.in
+++ b/scripts/vps-functions.in
@@ -170,6 +170,13 @@ vzadjustmacs()
 # other setups, the bridge is expected to already exist and be valid.
 vzconfbridge()
 {
+	if [ "x$BRIDGE" == "xvenet0" ]; then
+		if [ `brctl show venet0 2>/dev/null | tail -n+2 | wc -l` == 0 ]; then
+			brctl addbr venet0
+			${IP_CMD} link set venet0 up
+		fi
+	fi
+	
 	if [ "x$BRIDGE" != "x" ]; then
 		brctl addif $BRIDGE $HNAME >/dev/null 2>&1
 	fi
diff --git a/src/lib/hooks_ct.c b/src/lib/hooks_ct.c
index 6bd27c1..d5b15dc 100644
--- a/src/lib/hooks_ct.c
+++ b/src/lib/hooks_ct.c
@@ -17,6 +17,7 @@
 #include "logger.h"
 #include "script.h"
 #include "cgroup.h"
+#include "linux/vzctl_venet.h"
 
 #define NETNS_RUN_DIR "/var/run/netns"
 
@@ -665,8 +666,40 @@ static int ct_netdev_ctl(vps_handler *h, envid_t veid, int op, char *name)
 
 static int ct_ip_ctl(vps_handler *h, envid_t veid, int op, const char *ipstr)
 {
-	logger(-1, 0, "%s not yet supported upstream", __func__);
-	return 0;
+	int ret = -1;
+	char *envp[5];
+	char buf[STR_SIZE];
+	int i = 0;
+
+	if (!h->can_join_pidns) {
+		logger(-1, 0, "Cannot join pid namespace: "
+		"--ipadd is not supported in kernels without full pidns support");
+		return VZ_BAD_KERNEL;
+	}
+	envp[i++] = strdup("VNAME=venet0");
+	envp[i++] = strdup("BRIDGE=venet0");
+
+	snprintf(buf, sizeof(buf), "HNAME=venet0.%d", veid);
+	envp[i++] = strdup(buf);
+
+	snprintf(buf, sizeof(buf), "VEID=%d", veid);
+	envp[i++] = strdup(buf);
+
+	envp[i] = NULL;
+
+	if (op == VE_IP_ADD) {
+		char *argv[] = { VPS_NETNS_DEV_ADD, NULL };
+
+		ret = run_script(VPS_NETNS_DEV_ADD, argv, envp, 0);
+	} else  {
+		char *argv[] = { VPS_NETNS_DEV_DEL, NULL };
+
+		ret = run_script(VPS_NETNS_DEV_DEL, argv, envp, 0);
+	}
+	free_arg(envp);
+
+	return ret;
+
 }
 
 /*
-- 
1.7.11.7

More information about the Devel mailing list