--- /dev/null
+# diff -durN -x '*~' -x '*.orig' lxc-1.1.3.orig/config/init/common/lxc-net.in lxc-1.1.3/config/init/common/lxc-net.in > ~/rpm/packages/lxc/lxc-net.patch
+--- lxc-1.1.3.orig/config/init/common/lxc-net.in 2015-08-15 00:32:10.000000000 +0200
++++ lxc-1.1.3/config/init/common/lxc-net.in 2015-09-14 13:43:35.950386724 +0200
+@@ -24,6 +24,17 @@
+
+ [ ! -f $distrosysconfdir/lxc ] || . $distrosysconfdir/lxc
+
++# Additional network based on macvlan
++# It can be overridden in @LXC_DISTRO_SYSCONF@/lxc_macvlan
++# by default is not used
++
++macvlan="@LIBEXECDIR@/lxc/lxc_macvlan"
++USE_LXC_MACVLAN="false"
++
++[ ! -f $distrosysconfdir/lxc_macvlan ] || . $distrosysconfdir/lxc_macvlan
++[ ! -f $macvlan ] || . $macvlan
++
++
+ use_iptables_lock="-w"
+ iptables -w -L -n > /dev/null 2>&1 || use_iptables_lock=""
+
+@@ -48,7 +59,9 @@
+ ip link set dev $1 up
+ }
+
++
+ start() {
++ [ "x$USE_LXC_MACVLAN" = "xtrue" ] && { macvlan_start; exit $?; }
+ [ "x$USE_LXC_BRIDGE" = "xtrue" ] || { exit 0; }
+
+ [ ! -f "${varrun}/network_up" ] || { echo "lxc-net is already running"; exit 1; }
+@@ -131,6 +144,7 @@
+ }
+
+ stop() {
++ [ "x$USE_LXC_MACVLAN" = "xtrue" ] && { macvlan_stop; exit $?; }
+ [ "x$USE_LXC_BRIDGE" = "xtrue" ] || { exit 0; }
+
+ [ -f "${varrun}/network_up" ] || [ "$1" = "force" ] || { echo "lxc-net isn't running"; exit 1; }
# TODO
-# - what to do lxc_macvlan.init, when upstream provided lxc-net.init?
# - package apparmor stuff
# Conditional build:
Summary: Linux Containers userspace tools
Summary(pl.UTF-8): Narzędzia do kontenerów linuksowych (LXC)
Name: lxc
-Version: 1.1.2
-Release: 2
+Version: 1.1.3
+Release: 1
License: LGPL v2.1+
Group: Applications/System
Source0: https://linuxcontainers.org/downloads/lxc/%{name}-%{version}.tar.gz
-# Source0-md5: 3ebadacf5fe8bfe689fd7a09812b682c
+# Source0-md5: 197abb5a28ab0b689c737eb1951023fb
Source1: %{name}-pld.in.sh
-Source2: %{name}_macvlan.init
-Source3: %{name}_macvlan.sysconfig
+# lxc-net based on bridge, macvlan is an alternative/supported lxc network
+Source2: %{name}_macvlan.sysconfig
+Source3: %{name}_macvlan
Patch0: %{name}-pld.patch
Patch1: x32.patch
+Patch2: %{name}-net.patch
URL: https://www.linuxcontainers.org/
BuildRequires: autoconf >= 2.50
BuildRequires: automake
%{?with_lua:BuildRequires: lua51-devel >= 5.1}
BuildRequires: pkgconfig
%{?with_python:BuildRequires: python3-devel >= 1:3.2}
+%{?with_python:BuildRequires: python3-modules}
BuildRequires: rpm-pythonprov
BuildRequires: rpmbuild(macros) >= 1.671
BuildRequires: sed >= 4.0
Requires: rc-scripts >= 0.4.6
+Requires: dnsmasq # used in lxc-net script
+Requires: gawk # lxc_macvlan script
+Requires: iptables # used in lxc-net script to set bridge nat
Requires: which
Requires: iproute2
Requires: systemd-units >= 38
%description -l pl.UTF-8
Narzędzia do tworzenia i zarządzania kontenerami. System ten obejmuje
-w pełni funkcjonalne kontenery z ilozacją/wirtualizacją pidów, ipc,
+w pełni funkcjonalne kontenery z izolacją/wirtualizacją pidów, ipc,
utsname, punktów montowania, /proc, /sys, sieci oraz uwzględniające
grupy kontrolne. Jest bardzo lekki, elastyczny i udostępnia narzędzia
do czynności związanych z kontenerami, takich jak monitorowanie z
%setup -q
%patch0 -p1
%patch1 -p1
+%patch2 -p1
cp -p %{SOURCE1} templates/lxc-pld.in
# yum plugin, no idea where to package this
%{__rm} $RPM_BUILD_ROOT%{_datadir}/%{name}/lxc-patch.py
-install -p %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/lxc_macvlan
-install -p %{SOURCE3} $RPM_BUILD_ROOT/etc/sysconfig/lxc_macvlan
+install -p %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/lxc_macvlan
+install -p %{SOURCE3} $RPM_BUILD_ROOT%{_libdir}/%{name}/lxc_macvlan
+
%if %{with python}
%py3_comp $RPM_BUILD_ROOT%{py3_sitedir}/lxc
/sbin/ldconfig
/sbin/chkconfig --add lxc
/sbin/chkconfig --add lxc-net
-/sbin/chkconfig --add lxc_macvlan
%systemd_post lxc.service lxc-net.service
%preun
/sbin/chkconfig --del lxc
%service lxc-net stop
/sbin/chkconfig --del lxc-net
- %service lxc_macvlan stop
- /sbin/chkconfig --del lxc_macvlan
fi
%systemd_preun lxc.service lxc-net.service
%attr(755,root,root) %ghost %{_libdir}/liblxc.so.1
%attr(754,root,root) /etc/rc.d/init.d/lxc
%attr(754,root,root) /etc/rc.d/init.d/lxc-net
-%attr(754,root,root) /etc/rc.d/init.d/lxc_macvlan
%{systemdunitdir}/lxc.service
%{systemdunitdir}/lxc-net.service
%attr(755,root,root) %{_libdir}/%{name}/lxc-monitord
%attr(755,root,root) %{_libdir}/%{name}/lxc-net
%attr(755,root,root) %{_libdir}/%{name}/lxc-user-nic
+%attr(755,root,root) %{_libdir}/%{name}/lxc_macvlan
%dir %{_sysconfdir}/lxc
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/lxc_macvlan
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/lxc
%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lxc/default.conf
%dir %{_datadir}/%{name}
%{_datadir}/%{name}/lxc.functions
-%attr(755,root,root) %{_datadir}/%{name}/lxc-restore-net
+# below has been removed in lxc-1.1.3
+#%attr(755,root,root) %{_datadir}/%{name}/lxc-restore-net
%dir %{_datadir}/%{name}/config
%{_datadir}/%{name}/config/archlinux.*.conf
%{_datadir}/%{name}/config/centos.*.conf
--- /dev/null
+#!/bin/bash
+
+# additional macvlan interface for lxc
+
+# TODO: add additional iptables rules / ipv6 / ip_forward
+
+
+macvlan_test_config(){
+
+ # check if all required configurations have been set
+ # Source any configurable options
+ test ! -r /etc/sysconfig/lxc_macvlan ||
+ . /etc/sysconfig/lxc_macvlan
+
+ # Tests for data provided in /etc/sysconfig/lxc_macvlan
+ if [ -z "$MACVLAN_DEV" ]; then
+ echo "MACVLAN_DEV not set is /etc/sysconfig/lxc_macvlan"
+ exit 6
+ fi
+
+ if [ -z "$MACVLAN_NAME" ]; then
+ echo "MACVLAN_NAME not set is /etc/sysconfig/lxc_macvlan"
+ exit 6
+ fi
+
+ if [ -z "$MACVLAN_ADDRESS" ]; then
+ echo "MACVLAN_ADDRESS not set is /etc/sysconfig/lxc_macvlan"
+ exit 6
+ fi
+}
+
+macvlan_gen_default_hwaddr(){
+ # If not defined MACVLAN_HWADDRESS, calculate it from MACVLAN_ADDRESS
+ echo $MACVLAN_ADDRESS | awk -F "/" '{print $1}' | awk -F "." '{ printf "00:16:3e:%x:%x:%x\n", $2, $3, $4 }'
+}
+
+macvlan_start() {
+ echo "LXC macvlan interface start"
+ echo 1 > /proc/sys/net/ipv4/ip_forward
+ macvlan_test_config
+
+ set -e
+ if [ -z "$MACVLAN_HWADDRESS" ]; then
+ MACVLAN_HWADDRESS=`macvlan_gen_default_hwaddr`
+ fi
+ ip link add link $MACVLAN_DEV name $MACVLAN_NAME address $MACVLAN_HWADDRESS type macvlan mode bridge
+ ip link set $MACVLAN_NAME up
+ ip address add $MACVLAN_ADDRESS brd + dev $MACVLAN_NAME
+}
+
+macvlan_stop() {
+ echo "LXC macvlan interface stop"
+ macvlan_test_config
+
+ set -e
+ ip link set $MACVLAN_NAME down
+ ip link del $MACVLAN_NAME
+}
+
+macvlan_status() {
+ echo "LXC macvlan interface status"
+ macvlan_test_config
+
+ set -e
+ ip addr show $MACVLAN_NAME
+}
\ No newline at end of file
+++ /dev/null
-#!/bin/sh
-#
-# lxc_macvlan Start/Stop LXC MACVLAN interface
-#
-# chkconfig: 345 11 89
-# description: Starts/Stops LXC MACVLAN interface.
-#
-### BEGIN INIT INFO
-# Provides: lxc_macvlan
-# Default-Start: 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Start/Stop LXC MACVLAN interface
-# Description: Start/Stop LXC MACVLAN interface
-### END INIT INFO
-
-# Source function library
-. /etc/rc.d/init.d/functions
-
-# Source any configurable options
-test ! -r /etc/sysconfig/lxc_macvlan ||
- . /etc/sysconfig/lxc_macvlan
-
-# Tests for data provided in /etc/sysconfig/lxc_macvlan
-if [ -z "$MACVLAN_DEV" ]; then
- echo "MACVLAN_DEV not set is /etc/sysconfig/lxc_macvlan"
- exit 6
-fi
-
-if [ -z "$MACVLAN_NAME" ]; then
- echo "MACVLAN_NAME not set is /etc/sysconfig/lxc_macvlan"
- exit 6
-fi
-
-if [ -z "$MACVLAN_ADDRESS" ]; then
- echo "MACVLAN_ADDRESS not set is /etc/sysconfig/lxc_macvlan"
- exit 6
-fi
-
-# If not defined MACVLAN_HWADDRESS, calculate it from MACVLAN_ADDRESS
-if [ -z "$MACVLAN_HWADDRESS" ]; then
- MACVLAN_HWADDRESS=`echo $MACVLAN_ADDRESS | awk -F "/" '{print $1}' | awk -F "." '{ printf "00:16:3e:%x:%x:%x\n", $2, $3, $4 }'`
- # TODO: Print on start() only
- # echo "MACVLAN_HWADDRESS not set, using calculated from MACVLAN_ADDRESS=${MACVLAN_ADDRESS} value: ${MACVLAN_HWADDRESS}";
-fi
-
-
-start() {
- msg_starting "LXC macvlan interface"
- # set -x
- ip link add link $MACVLAN_DEV name $MACVLAN_NAME address $MACVLAN_HWADDRESS type macvlan mode bridge
- ip link set $MACVLAN_NAME up
- ip address add $MACVLAN_ADDRESS brd + dev $MACVLAN_NAME
- # TODO: check if works:
- # cat /sys/class/net/macv0/address
- # 00:13:00:00:20:14
- RETVAL=$?
- [ $RETVAL -eq 0 ] && ok || fail
-}
-
-stop() {
- msg_stopping "LXC macvlan interface"
- # set -x
- ip link set $MACVLAN_NAME down
- ip link del $MACVLAN_NAME
- RETVAL=$?
- [ $RETVAL -eq 0 ] && ok || fail
-}
-
-status() {
- ip addr show $MACVLAN_NAME
-}
-
-
-RETVAL=0
-
-# See how we were called.
-case "$1" in
- start)
- start
- ;;
-
- stop)
- stop
- ;;
- restart|reload|force-reload)
- stop
- start
- ;;
- status)
- status
- ;;
- *)
-
- msg_usage "$0 {start|stop|restart|reload|force-reload|status}"
- exit 3
-esac
-
-exit $RETVAL
# LXC MACVLAN device config
+# Change below to "true" if you want to use macvlan instead of default bridge network
+USE_LXC_MACVLAN="false"
+
# Logical interface name
MACVLAN_NAME=macv0
projects / packages / lxc.git / commitdiff