[libvirt] [RFC] Re: [PATCH 2/9] LXC: set IP addresses to veth devices in the container

Fri Aug 1 09:45:50 UTC 2014

On Wed, Jul 30, 2014 at 8:14 PM, Cedric Bosdonnat <cbosdonnat at suse.com> wrote:
> Hi all,
>
> On Fri, 2014-07-25 at 17:03 +0200, Cédric Bosdonnat wrote:
>> Uses the new virDomainNetDef ips to set the IP addresses on the network
>> interfaces in the container.
>> ---
>>  src/lxc/lxc_container.c | 20 +++++++++++++++++++-
>>  1 file changed, 19 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
>> index 1cf2c8f..62e9d76 100644
>> --- a/src/lxc/lxc_container.c
>> +++ b/src/lxc/lxc_container.c
>> @@ -495,7 +495,7 @@ static int lxcContainerRenameAndEnableInterfaces(virDomainDefPtr vmDef,
>>                                                   char **veths)
>>  {
>>      int rc = 0;
>> -    size_t i;
>> +    size_t i, j;
>>      char *newname = NULL;
>>      virDomainNetDefPtr netDef;
>>      bool privNet = vmDef->features[VIR_DOMAIN_FEATURE_PRIVNET] ==
>> @@ -516,6 +516,24 @@ static int lxcContainerRenameAndEnableInterfaces(virDomainDefPtr vmDef,
>>          if (rc < 0)
>>              goto error_out;
>>
>> +        for (jvirNetDevSetIPv4Address() is not optimal as it needs tools installed in the
container because it runs everything within it.
= 0; j < netDef->nips; j++) {
>> +            virDomainNetIpDefPtr ip = netDef->ips[j];
>> +            unsigned int prefix = (ip->prefix > 0) ? ip->prefix : 24;
>> +            virSocketAddr address;
>> +
>> +            if (virSocketAddrParse(&address, ip->address, AF_UNSPEC) < 0)
>> +                goto error_out;
>> +
>> +            VIR_DEBUG("Adding IP address '%s/%u' to '%s'",
>> +                      ip->address, ip->prefix, newname);
>> +            if (virNetDevSetIPv4Address(newname, &address, prefix) < 0) {
>
> I'm just thinking that this requires to have either ip-route or ifconfig
> installed in the container... which is pretty unlikely. Should I go for
> an implementation using the kernel functions directly?

I'd not say unlikely but it is a use case to consider.

Implementing ip/ifconfig directly in libvirtd and using the raw kernel
interface seems
cumbersome to me.
The problem with virNetDevSetIPv4Address() is that you call it after
entering all namespaces
and hence you need ip/ifconfig installed in the container.

Enter only the network namespace and then call it.
This way you can configure the network stuff easily for the container using the
host tools. Like ip netns exec ... does.

-- 
Thanks,
//richard