[meta-virtualization] [PATCH 1/4] lxc: updates to allow the creation of lxcbr0 with systemd

Bruce Ashfield bruce.ashfield at gmail.com
Wed Nov 23 11:17:42 PST 2016


On Tue, Nov 22, 2016 at 1:56 PM, Mark Asselstine <
mark.asselstine at windriver.com> wrote:

> The recipe is setup to create lxcbr0 when used with sysvinit but there
> are some gaps to getting this bridge working when the system is built
> with systemd. Using parts found in the upstream package as well as
> configurations hints from other distros we can fill in the gaps to
> allow lxcbr0 to be created at startup, with the lxc-networking package
> is included in the rootfs.
>
> Signed-off-by: Mark Asselstine <mark.asselstine at windriver.com>
> ---
>  recipes-containers/lxc/files/default.lxc-net | 30
> ++++++++++++++++++++++++++++
>  recipes-containers/lxc/files/dnsmasq.lxc     |  5 +++++
>  recipes-containers/lxc/lxc_2.0.0.bb          | 16 +++++++++++++--
>  3 files changed, 49 insertions(+), 2 deletions(-)
>  create mode 100644 recipes-containers/lxc/files/default.lxc-net
>  create mode 100644 recipes-containers/lxc/files/dnsmasq.lxc
>
> diff --git a/recipes-containers/lxc/files/default.lxc-net
> b/recipes-containers/lxc/files/default.lxc-net
> new file mode 100644
> index 0000000..8013453
> --- /dev/null
> +++ b/recipes-containers/lxc/files/default.lxc-net
> @@ -0,0 +1,30 @@
> +# Sourced from package lxc.spec file
> +#
> +# Leave USE_LXC_BRIDGE as "true" if you want to use lxcbr0 for your
> +# containers.  Set to "false" if you'll use virbr0 or another existing
> +# bridge, or mavlan to your host's NIC.
> +USE_LXC_BRIDGE="true"
> +
> +# If you change the LXC_BRIDGE to something other than lxcbr0, then
> +# you will also need to update your /etc/lxc/default.conf as well as the
> +# configuration (/var/lib/lxc/<container>/config) for any containers
> +# already created using the default config to reflect the new bridge
> +# name.
> +# If you have the dnsmasq daemon installed, you'll also have to update
> +# /etc/dnsmasq.d/lxc and restart the system wide dnsmasq daemon.
> +LXC_BRIDGE="lxcbr0"
> +LXC_ADDR="10.0.3.1"
> +LXC_NETMASK="255.255.255.0"
> +LXC_NETWORK="10.0.3.0/24"
> +LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
> +LXC_DHCP_MAX="253"
> +# Uncomment the next line if you'd like to use a conf-file for the lxcbr0
> +# dnsmasq.  For instance, you can use 'dhcp-host=mail1,10.0.3.100' to have
> +# container 'mail1' always get ip address 10.0.3.100.
> +#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf
> +
> +# Uncomment the next line if you want lxcbr0's dnsmasq to resolve the .lxc
> +# domain.  You can then add "server=/lxc/10.0.3.1' (or your actual
> $LXC_ADDR)
> +# to /etc/dnsmasq.conf, after which 'container1.lxc' will resolve on your
> +# host.
> +#LXC_DOMAIN="lxc"
> diff --git a/recipes-containers/lxc/files/dnsmasq.lxc
> b/recipes-containers/lxc/files/dnsmasq.lxc
> new file mode 100644
> index 0000000..36be353
> --- /dev/null
> +++ b/recipes-containers/lxc/files/dnsmasq.lxc
> @@ -0,0 +1,5 @@
> +# Tell any system-wide dnsmasq instance to make sure to bind to interfaces
> +# instead of listening on 0.0.0.0
> +# WARNING: changes to this file will get lost if lxc is removed.
> +bind-interfaces
> +except-interface=lxcbr0
> diff --git a/recipes-containers/lxc/lxc_2.0.0.bb b/recipes-containers/lxc/
> lxc_2.0.0.bb
> index 5e45949..9e15508 100644
> --- a/recipes-containers/lxc/lxc_2.0.0.bb
> +++ b/recipes-containers/lxc/lxc_2.0.0.bb
> @@ -30,6 +30,8 @@ SRC_URI = "http://linuxcontainers.org/
> downloads/${BPN}-${PV}.tar.gz \
>         file://lxc-fix-B-S.patch \
>         file://lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch \
>         file://logs-optionally-use-base-filenames-to-report-src-fil.patch
> \
> +       file://default.lxc-net \
> +       file://dnsmasq.lxc \
>         "
>
>  SRC_URI[md5sum] = "04a7245a614cd3296b0ae9ceeeb83fbb"
> @@ -40,7 +42,7 @@ S = "${WORKDIR}/${BPN}-${PV}"
>  # Let's not configure for the host distro.
>  #
>  PTEST_CONF = "${@bb.utils.contains('DISTRO_FEATURES', 'ptest',
> '--enable-tests', '', d)}"
> -EXTRA_OECONF += "--with-distro=${DISTRO} ${PTEST_CONF}"
> +EXTRA_OECONF += "--with-distro=yocto ${PTEST_CONF}"
>

Is there a reason why ${DISTRO} doesn't work here ? I don't think we want
to hardcode
yocto as a distro.


>
>  EXTRA_OECONF += "--with-init-script=\
>  ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'sysvinit,', '', d)}\
> @@ -76,6 +78,10 @@ SYSTEMD_PACKAGES = "${PN}-setup"
>  SYSTEMD_SERVICE_${PN}-setup = "lxc.service"
>  SYSTEMD_AUTO_ENABLE_${PN}-setup = "disable"
>
> +SYSTEMD_PACKAGES += "${PN}-networking"
> +SYSTEMD_SERVICE_${PN}-networking = "lxc-net.service"
> +SYSTEMD_AUTO_ENABLE_${PN}-networking = "enable"
> +
>  INITSCRIPT_PACKAGES = "${PN}-setup"
>  INITSCRIPT_NAME_{PN}-setup = "lxc"
>  INITSCRIPT_PARAMS_${PN}-setup = "${OS_DEFAULT_INITSCRIPT_PARAMS}"
> @@ -89,7 +95,8 @@ PACKAGES =+ "${PN}-templates ${PN}-setup
> ${PN}-networking"
>  FILES_${PN}-templates += "${datadir}/lxc/templates"
>  RDEPENDS_${PN}-templates += "bash"
>
> -ALLOW_EMPTY_${PN}-networking = "1"
> +FILES_${PN}-networking += "/etc/default/lxc-net"
> +FILES_${PN}-networking += "/etc/dnsmasq.d/lxc"
>
>  FILES_${PN}-setup += "/etc/tmpfiles.d"
>  FILES_${PN}-setup += "/lib/systemd/system"
> @@ -126,6 +133,11 @@ do_install_append() {
>             if [ -d ${D}${exec_prefix}/lib/python* ]; then mv
> ${D}${exec_prefix}/lib/python* ${D}${libdir}/; fi
>             rmdir --ignore-fail-on-non-empty ${D}${exec_prefix}/lib
>         fi
> +
> +       install -d ${D}${sysconfdir}/default
> +       install -d ${D}${sysconfdir}/dnsmasq.d
> +       install -m 644 ${WORKDIR}/default.lxc-net
> ${D}${sysconfdir}/default/lxc-net
> +       install -m 644 ${WORKDIR}/dnsmasq.lxc ${D}${sysconfdir}/dnsmasq.d/
> lxc
>

Everything else looks good to me. If you install the -networking packge ..
you get
the networking configuration.

Bruce


>  }
>
>  EXTRA_OEMAKE += "TEST_DIR=${D}${PTEST_PATH}/src/tests"
> --
> 2.7.4
>
> --
> _______________________________________________
> meta-virtualization mailing list
> meta-virtualization at yoctoproject.org
> https://lists.yoctoproject.org/listinfo/meta-virtualization
>



-- 
"Thou shalt not follow the NULL pointer, for chaos and madness await thee
at its end"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/meta-virtualization/attachments/20161123/ca1fd7a9/attachment.html>


More information about the meta-virtualization mailing list