On Thu, Dec 04, 2014 at 01:21:24PM -0500, S.Çağlar Onur wrote: > Signed-off-by: S.Çağlar Onur <cag...@10ur.org> > --- > config/init/common/lxc-net.in | 26 ++++++++++++++++++++++---- > 1 file changed, 22 insertions(+), 4 deletions(-) > > diff --git a/config/init/common/lxc-net.in b/config/init/common/lxc-net.in > index 5567fee..5ca2eb2 100644 > --- a/config/init/common/lxc-net.in > +++ b/config/init/common/lxc-net.in > @@ -8,6 +8,7 @@ varrun="@RUNTIME_PATH@/lxc" > # or in @LXC_DISTRO_SYSCONF@/lxc-net > > USE_LXC_BRIDGE="true" > +USE_OPENVSWITCH="false" > LXC_BRIDGE="lxcbr0" > LXC_ADDR="10.0.3.1" > LXC_NETMASK="255.255.255.0" > @@ -79,7 +80,11 @@ start() { > iptables $use_iptables_lock -t nat -D POSTROUTING -s ${LXC_NETWORK} > ! -d ${LXC_NETWORK} -j MASQUERADE || true > iptables $use_iptables_lock -t mangle -D POSTROUTING -o > ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > ifdown ${LXC_BRIDGE} > - brctl delbr ${LXC_BRIDGE} || true > + if [ "x$USE_OPENVSWITCH" = "xtrue" ]; then > + ovs-vsctl --if-exists del-br ${LXC_BRIDGE} || true > + else > + brctl delbr ${LXC_BRIDGE} || true > + fi > } > > if [ -d /sys/class/net/${LXC_BRIDGE} ]; then > @@ -87,7 +92,11 @@ start() { > fi > > # set up the lxc network > - brctl addbr ${LXC_BRIDGE} || { echo "Missing bridge support in kernel"; > stop; exit 0; } > + if [ "x$USE_OPENVSWITCH" = "xtrue" ]; then > + ovs-vsctl --may-exist add-br ${LXC_BRIDGE} || { echo "Missing > openvbridge support in kernel"; stop; exit 0; } > + else > + brctl addbr ${LXC_BRIDGE} || { echo "Missing bridge support in > kernel"; stop; exit 0; } > + fi > echo 1 > /proc/sys/net/ipv4/ip_forward > > # if we are run from systemd on a system with selinux enabled, > @@ -115,7 +124,12 @@ start() { > if [ -n "$LXC_DOMAIN" ]; then > LXC_DOMAIN_ARG="-s $LXC_DOMAIN -S /$LXC_DOMAIN/" > fi > - dnsmasq $LXC_DOMAIN_ARG -u lxc-dnsmasq --strict-order --bind-interfaces > --pid-file="${varrun}"/dnsmasq.pid --conf-file=${LXC_DHCP_CONFILE} > --listen-address ${LXC_ADDR} --dhcp-range ${LXC_DHCP_RANGE} > --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override --except-interface=lo > --interface=${LXC_BRIDGE} > --dhcp-leasefile=/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases > --dhcp-authoritative || cleanup > + > + DNSMASQ_USER="lxc-dnsmasq" > + if ! getent passwd ${DNSMASQ_USER} >/dev/null; then > + DNSMASQ_USER="dnsmasq"
Shouldn't the fallback be nobody rather than dnsmasq? > + fi > + dnsmasq $LXC_DOMAIN_ARG -u ${DNSMASQ_USER} --strict-order > --bind-interfaces --pid-file="${varrun}"/dnsmasq.pid > --conf-file=${LXC_DHCP_CONFILE} --listen-address ${LXC_ADDR} --dhcp-range > ${LXC_DHCP_RANGE} --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override > --except-interface=lo --interface=${LXC_BRIDGE} > --dhcp-leasefile=/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases > --dhcp-authoritative || cleanup > touch "${varrun}"/network_up > touch "${lockdir}"/lxc-net > } > @@ -141,7 +155,11 @@ stop() { > iptables $use_iptables_lock -t mangle -D POSTROUTING -o > ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > pid=`cat "${varrun}"/dnsmasq.pid 2>/dev/null` && kill -9 $pid || true > rm -f "${varrun}"/dnsmasq.pid > - brctl delbr ${LXC_BRIDGE} > + if [ "x$USE_OPENVSWITCH" = "xtrue" ]; then > + ovs-vsctl --if-exists del-br ${LXC_BRIDGE} || true > + else > + brctl delbr ${LXC_BRIDGE} > + fi > fi > rm -f "${varrun}"/network_up > rm -f "${lockdir}"/lxc-net > -- > 1.9.1 > > _______________________________________________ > lxc-devel mailing list > lxc-devel@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-devel -- Stéphane Graber Ubuntu developer http://www.ubuntu.com
signature.asc
Description: Digital signature
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel