-
Notifications
You must be signed in to change notification settings - Fork 74
/
pipework
executable file
·141 lines (127 loc) · 3.27 KB
/
pipework
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
#!/bin/bash
set -e
case "$1" in
--wait)
while ! grep -q ^up$ /sys/class/net/eth1/operstate 2>/dev/null
do sleep 1
done
exit 0
;;
esac
IFNAME=$1
GUESTNAME=$2
IPADDR=$3
MACADDR=$4
[ "$IPADDR" ] || {
echo "Syntax:"
echo "pipework <hostinterface> <guest> <ipaddr>/<subnet>[@default_gateway] [macaddr]"
echo "pipework <hostinterface> <guest> dhcp [macaddr]"
echo "pipework --wait"
exit 1
}
# First step: determine type of first argument (bridge, physical interface...)
if [ -d /sys/class/net/$IFNAME ]
then
if [ -d /sys/class/net/$IFNAME/bridge ]
then IFTYPE=bridge
else IFTYPE=phys
fi
else
case "$IFNAME" in
br*)
IFTYPE=bridge
;;
*)
echo "I do not know how to setup interface $IFNAME."
exit 1
;;
esac
fi
# Second step: find the guest (for now, we only support LXC containers)
while read dev mnt fstype options dump fsck
do
[ "$fstype" != "cgroup" ] && continue
echo $options | grep -qw devices || continue
CGROUPMNT=$mnt
done < /proc/mounts
[ "$CGROUPMNT" ] || {
echo "Could not locate cgroup mount point."
exit 1
}
N=$(find "$CGROUPMNT" -name "$GUESTNAME*" | wc -l)
case "$N" in
0)
echo "Could not find any container matching $GUESTNAME."
exit 1
;;
1)
true
;;
*)
echo "Found more than one container matching $GUESTNAME."
exit 1
;;
esac
if [ "$IPADDR" = "dhcp" ]
then
# We use udhcpc to obtain the DHCP lease, make sure it's installed.
which udhcpc >/dev/null || {
echo "You asked for DHCP; please install udhcpc first."
exit 1
}
else
# Check if a subnet mask was provided.
echo $IPADDR | grep -q / || {
echo "The IP address should include a netmask."
echo "Maybe you meant $IPADDR/24 ?"
exit 1
}
# Check if a gateway address was provided.
if echo $IPADDR | grep -q @
then
GATEWAY=$(echo $IPADDR | cut -d@ -f2)
IPADDR=$(echo $IPADDR | cut -d@ -f1)
else
GATEWAY=
fi
fi
NSPID=$(head -n 1 $(find "$CGROUPMNT" -name "$GUESTNAME*" | head -n 1)/tasks)
[ "$NSPID" ] || {
echo "Could not find a process inside container $GUESTNAME."
exit 1
}
mkdir -p /var/run/netns
rm -f /var/run/netns/$NSPID
ln -s /proc/$NSPID/ns/net /var/run/netns/$NSPID
# Check if we need to create a bridge.
[ $IFTYPE = bridge ] && [ ! -d /sys/class/net/$IFNAME ] && {
ip link add $IFNAME type bridge
ip link set $IFNAME up
}
# If it's a bridge, we need to create a veth pair
[ $IFTYPE = bridge ] && {
LOCAL_IFNAME=vethl$NSPID
GUEST_IFNAME=vethg$NSPID
ip link add name $LOCAL_IFNAME type veth peer name $GUEST_IFNAME
ip link set $LOCAL_IFNAME master $IFNAME
ip link set $LOCAL_IFNAME up
}
# If it's a physical interface, create a macvlan subinterface
[ $IFTYPE = phys ] && {
GUEST_IFNAME=macvlan$NSPID
ip link add link $IFNAME dev $GUEST_IFNAME type macvlan mode bridge
ip link set $IFNAME up
}
ip link set $GUEST_IFNAME netns $NSPID
ip netns exec $NSPID ip link set $GUEST_IFNAME name eth1
[ "$MACADDR" ] && ip netns exec $NSPID ip link set eth1 address $MACADDR
if [ "$IPADDR" = "dhcp" ]
then
ip netns exec $NSPID udhcpc -qi eth1
else
ip netns exec $NSPID ip addr add $IPADDR dev eth1
ip netns exec $NSPID ip link set eth1 up
[ "$GATEWAY" ] && {
ip netns exec $NSPID ip route replace default via $GATEWAY
}
fi