[pve-devel] [PATCH] vznetaddbr perl version

Alexandre Derumier aderumier at odiso.com
Tue May 6 14:12:10 CEST 2014


this replace the default vznetaddbr script,
using perl code.

This allow to use vlan tag, firewall bridge and openvswitch bridge
like for qemu

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 debian/control                      |    2 +-
 debian/patches/fix-config-path.diff |   13 ----------
 debian/patches/series               |    2 +-
 debian/rules                        |    3 +++
 debian/vznetaddbr                   |   49 +++++++++++++++++++++++++++++++++++
 5 files changed, 54 insertions(+), 15 deletions(-)
 create mode 100755 debian/vznetaddbr

diff --git a/debian/control b/debian/control
index 872ac4f..3e30e69 100644
--- a/debian/control
+++ b/debian/control
@@ -7,7 +7,7 @@ Standards-Version: 3.7.2
 
 Package: vzctl
 Architecture: i386 ia64 amd64 powerpc sparc
-Depends: ${shlibs:Depends}, vzquota (>= 3.1-1), iproute, procps, pve-cluster, libpve-storage-perl, libcgroup1 (>= 0.38-1), attr
+Depends: ${shlibs:Depends}, vzquota (>= 3.1-1), iproute, procps, pve-cluster, libpve-storage-perl, libcgroup1 (>= 0.38-1), attr, pve-firewall
 Recommends: rsync, openssh-client
 Description: OpenVZ - server virtualization solution - control tools
  OpenVZ is an Operating System-level server virtualization solution, built
diff --git a/debian/patches/fix-config-path.diff b/debian/patches/fix-config-path.diff
index 8a17ad9..fa50f56 100644
--- a/debian/patches/fix-config-path.diff
+++ b/debian/patches/fix-config-path.diff
@@ -24,19 +24,6 @@ Index: new/paths.am
  distconfdir = $(pkgconfdir)/dists
  namesdir    = $(pkgconfdir)/names
  
-Index: new/bin/vznetaddbr.in
-===================================================================
---- new.orig/bin/vznetaddbr.in	2012-09-28 09:05:45.000000000 +0200
-+++ new/bin/vznetaddbr.in	2012-09-28 09:39:27.000000000 +0200
-@@ -2,7 +2,7 @@
- #
- # Add virtual network interfaces (veth's) in a container to a bridge on CT0
- 
--CONFIGFILE=@PKGCONFDIR@/conf/$VEID.conf
-+CONFIGFILE=@VPSCONFDIR@/$VEID.conf
- . $CONFIGFILE
- 
- NETIFLIST=$(printf %s "$NETIF" |tr ';' '\n')
 Index: new/etc/init.d/vz-redhat.in
 ===================================================================
 --- new.orig/etc/init.d/vz-redhat.in	2012-09-28 09:05:45.000000000 +0200
diff --git a/debian/patches/series b/debian/patches/series
index 483ec4c..ed86721 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,5 +7,5 @@ no-backup-on-destroy.diff
 fix-init.d-depends.diff
 allow-abs-ostemplate-path.diff
 always-create-dev-console.patch
-keep-bridge-MTU.patch
+#keep-bridge-MTU.patch
 fix-vzifup-post-error.patch
diff --git a/debian/rules b/debian/rules
index 1a4bc81..c9805fd 100644
--- a/debian/rules
+++ b/debian/rules
@@ -95,6 +95,9 @@ install: build
 	rm -rf $(CURDIR)/debian/vzctl/etc/vz/conf
 	# we create the symlink to /etc/pve/openvz inside the preinst script
 
+	# install perl vznetaddbr version
+	install -m 644 $(CURDIR)/debian/vznetaddbr $(CURDIR)/debian/vzctl/usr/sbin/vznetaddbr
+
 
 
 # Build architecture-independent files here.
diff --git a/debian/vznetaddbr b/debian/vznetaddbr
new file mode 100755
index 0000000..fea3303
--- /dev/null
+++ b/debian/vznetaddbr
@@ -0,0 +1,49 @@
+#!/usr/bin/perl
+use strict;
+use warnings;
+use PVE::OpenVZ;
+use PVE::Tools qw(run_command);
+use PVE::Network;
+use PVE::ProcFSTools;
+use PVE::Firewall;
+
+my $vmid = $ENV{VEID};
+die "missing vmid parameter" if !$vmid;
+
+my $iface = $ARGV[2];
+die "missing iface parameter" if !$iface;
+
+my $conf = PVE::OpenVZ::load_config($vmid);
+my $vmfw_conf = PVE::Firewall::load_vmfw_conf($vmid);
+
+my $ifaces = {};
+if (defined ($conf->{netif}) && $conf->{netif}->{value}) {
+	$ifaces = PVE::OpenVZ::parse_netif($conf->{netif}->{value}, $vmid);
+}
+
+foreach my $ifname (sort keys %$ifaces) {
+
+    if($ifaces->{$ifname}->{host_ifname} eq $iface){
+	my $bridge = $ifaces->{$ifname}->{bridge};
+	my $tag = $ifaces->{$ifname}->{tag};
+	my $firewall = $ifaces->{$ifname}->{firewall};
+
+	if (-d "/sys/class/net/$iface") {
+
+	    my $bridgemtu = PVE::Tools::file_read_firstline("/sys/class/net/$bridge/mtu");
+	    die "bridge '$bridge' does not exist\n" if !$bridgemtu;
+	    #avoid insecure dependency;
+	    ($bridgemtu) = $bridgemtu =~ /(\d+)/;
+
+	    PVE::Tools::run_command("/sbin/ip link set dev $iface up mtu $bridgemtu");
+	    PVE::Tools::run_command("/sbin/ip addr add 0.0.0.0/0 dev $iface");
+	    PVE::ProcFSTools::write_proc_entry("/proc/sys/net/ipv4/conf/$iface/proxy_arp", "1");
+	    PVE::ProcFSTools::write_proc_entry("/proc/sys/net/ipv4/conf/$iface/forwarding", "1");
+	    my $fwenable = $vmfw_conf->{options}->{enable};
+	    $fwenable = $firewall if $fwenable;
+	    PVE::Network::tap_plug($iface, $bridge, $tag, $fwenable);
+	}
+    }
+}
+
+exit 0;
-- 
1.7.10.4




More information about the pve-devel mailing list