On Thu, 2014-12-04 at 15:13 -0500, S.Çağlar Onur wrote: > On Thu, Dec 4, 2014 at 2:15 PM, Stéphane Graber <stgra...@ubuntu.com> wrote: > > On Thu, Dec 04, 2014 at 01:21:24PM -0500, S.Çağlar Onur wrote: > >> Signed-off-by: S.Çağlar Onur <cag...@10ur.org> > >> --- > >> config/init/common/lxc-net.in | 26 ++++++++++++++++++++++---- > >> 1 file changed, 22 insertions(+), 4 deletions(-) > >> > >> diff --git a/config/init/common/lxc-net.in b/config/init/common/lxc-net.in > >> index 5567fee..5ca2eb2 100644 > >> --- a/config/init/common/lxc-net.in > >> +++ b/config/init/common/lxc-net.in > >> @@ -8,6 +8,7 @@ varrun="@RUNTIME_PATH@/lxc" > >> # or in @LXC_DISTRO_SYSCONF@/lxc-net > >> > >> USE_LXC_BRIDGE="true" > >> +USE_OPENVSWITCH="false" > >> LXC_BRIDGE="lxcbr0" > >> LXC_ADDR="10.0.3.1" > >> LXC_NETMASK="255.255.255.0" > >> @@ -79,7 +80,11 @@ start() { > >> iptables $use_iptables_lock -t nat -D POSTROUTING -s > >> ${LXC_NETWORK} ! -d ${LXC_NETWORK} -j MASQUERADE || true > >> iptables $use_iptables_lock -t mangle -D POSTROUTING -o > >> ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > >> ifdown ${LXC_BRIDGE} > >> - brctl delbr ${LXC_BRIDGE} || true > >> + if [ "x$USE_OPENVSWITCH" = "xtrue" ]; then > >> + ovs-vsctl --if-exists del-br ${LXC_BRIDGE} || true > >> + else > >> + brctl delbr ${LXC_BRIDGE} || true > >> + fi > >> } > >> > >> if [ -d /sys/class/net/${LXC_BRIDGE} ]; then > >> @@ -87,7 +92,11 @@ start() { > >> fi > >> > >> # set up the lxc network > >> - brctl addbr ${LXC_BRIDGE} || { echo "Missing bridge support in > >> kernel"; stop; exit 0; } > >> + if [ "x$USE_OPENVSWITCH" = "xtrue" ]; then > >> + ovs-vsctl --may-exist add-br ${LXC_BRIDGE} || { echo "Missing > >> openvbridge support in kernel"; stop; exit 0; } > >> + else > >> + brctl addbr ${LXC_BRIDGE} || { echo "Missing bridge support in > >> kernel"; stop; exit 0; } > >> + fi > >> echo 1 > /proc/sys/net/ipv4/ip_forward > >> > >> # if we are run from systemd on a system with selinux enabled, > >> @@ -115,7 +124,12 @@ start() { > >> if [ -n "$LXC_DOMAIN" ]; then > >> LXC_DOMAIN_ARG="-s $LXC_DOMAIN -S /$LXC_DOMAIN/" > >> fi > >> - dnsmasq $LXC_DOMAIN_ARG -u lxc-dnsmasq --strict-order > >> --bind-interfaces --pid-file="${varrun}"/dnsmasq.pid > >> --conf-file=${LXC_DHCP_CONFILE} --listen-address ${LXC_ADDR} --dhcp-range > >> ${LXC_DHCP_RANGE} --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override > >> --except-interface=lo --interface=${LXC_BRIDGE} > >> --dhcp-leasefile=/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases > >> --dhcp-authoritative || cleanup > >> + > >> + DNSMASQ_USER="lxc-dnsmasq" > >> + if ! getent passwd ${DNSMASQ_USER} >/dev/null; then > >> + DNSMASQ_USER="dnsmasq" > > > > Shouldn't the fallback be nobody rather than dnsmasq? > > I guess we could. I used dnsmasq cause > https://github.com/lxc/lxc/commit/1c1bb85ad2b6 was using that :)
Maybe fall back to check for dnsmasq and fall back to it if it exists and then fall back to nobody if it doesn't? I ran into this with the rpm spec file. > >> + fi > >> + dnsmasq $LXC_DOMAIN_ARG -u ${DNSMASQ_USER} --strict-order > >> --bind-interfaces --pid-file="${varrun}"/dnsmasq.pid > >> --conf-file=${LXC_DHCP_CONFILE} --listen-address ${LXC_ADDR} --dhcp-range > >> ${LXC_DHCP_RANGE} --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override > >> --except-interface=lo --interface=${LXC_BRIDGE} > >> --dhcp-leasefile=/var/lib/misc/dnsmasq.${LXC_BRIDGE}.leases > >> --dhcp-authoritative || cleanup > >> touch "${varrun}"/network_up > >> touch "${lockdir}"/lxc-net > >> } > >> @@ -141,7 +155,11 @@ stop() { > >> iptables $use_iptables_lock -t mangle -D POSTROUTING -o > >> ${LXC_BRIDGE} -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill > >> pid=`cat "${varrun}"/dnsmasq.pid 2>/dev/null` && kill -9 $pid || > >> true > >> rm -f "${varrun}"/dnsmasq.pid > >> - brctl delbr ${LXC_BRIDGE} > >> + if [ "x$USE_OPENVSWITCH" = "xtrue" ]; then > >> + ovs-vsctl --if-exists del-br ${LXC_BRIDGE} || true > >> + else > >> + brctl delbr ${LXC_BRIDGE} > >> + fi > >> fi > >> rm -f "${varrun}"/network_up > >> rm -f "${lockdir}"/lxc-net > >> -- > >> 1.9.1 > >> > >> _______________________________________________ > >> lxc-devel mailing list > >> lxc-devel@lists.linuxcontainers.org > >> http://lists.linuxcontainers.org/listinfo/lxc-devel > > > > -- > > Stéphane Graber > > Ubuntu developer > > http://www.ubuntu.com > > > > _______________________________________________ > > lxc-devel mailing list > > lxc-devel@lists.linuxcontainers.org > > http://lists.linuxcontainers.org/listinfo/lxc-devel > > > > > -- Michael H. Warfield (AI4NB) | (770) 978-7061 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
signature.asc
Description: This is a digitally signed message part
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel