Re: [vserver] RE : VServer vs OpenVZ.

From: Art -kwaak- van Breemen <ard_at_telegraafnet.nl>
Date: Fri 10 Dec 2010 - 14:22:33 GMT
Message-ID: <20101210142232.GF15725@telegraafnet.nl>

On Fri, Dec 10, 2010 at 03:11:27PM +0100, Grzegorz Nosek wrote:
> Every little helps. I've been occasionally playing with network
> namespaces and ran into nothing but problems and kernel bugs.
This one is in production (type 1):

---
ard@harry:/root/vserver/scripts$ cat setup_network_namespace 
#!/bin/bash -x
echo ARGS "$@"
VSERVER="$2"
VID="${VSERVER#v}"
DEVNAME=vlan${VID}
case "$1" in
        post-start)
                echo a PID: $!
                # Set up the vlan any way you like it. I prefer ifup
                #ifup "${DEVNAME}"
                ip link add link bond0 name "${DEVNAME}" type vlan id ${VID}
                vspace -e "$2" --net -- /usr/lib/util-vserver/vprocunhide
                vspace -e "$2" --net -- ip li set up dev lo
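                # The loop runs inside the namespace and prints its own PID; the host side
                # reads the first PID and moves the vlan device into that PID's network namespace.
                vspace -e "$2" --net -- sh -c 'while echo $$;do :; done'|(read aPid;ip li set dev "$DEVNAME" netns $aPid)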
                vspace -e "$2" --net -- ip a add `awk '/me-'${DEVNAME}'/ { print $1 }' /etc/hosts`/24 dev "${DEVNAME}"
                vspace -e "$2" --net -- ip li set up dev "${DEVNAME}"
                vspace -e "$2" --net -- ip ro add default via `awk '/gw-'${DEVNAME}'/ { print $1 }' /etc/hosts`
                ;;
        pre-stop)
                vspace -e "$2" --net -- ip li set down dev "${DEVNAME}"
                vspace -e "$2" --net -- ip li set down dev lo
                #vspace -e "$2" --net -- ip li set dev "${DEVNAME}" netns 1
                vspace -e "$2" --net -- ip link del "${DEVNAME}"
                ;;
esac
exit 0
---
It assumes the network namespace holder has the name v(vlanid), and that the vlan is created on bond0.
Furthermore: /etc/hosts should contain entries like gw-vlan{vlanid} and me-vlan{vlanid}.
This script must be symlinked to /etc/vservers/<name>/{post-start,pre-stop}.d/
spaces/net must exist and be 0 bytes.
The guests are created as normal but with this:
spaces/net contains the name of the above vserver. apps/init/depends contains the same name (symlink)
ncontext is a symlink to context.
And voila: you have multiple guests on a single network namespace.
Tcpdump works like this:
vspace -e "v${vid}" --net -- tcpdump -n -i vlan${vid}
I will paste the other in a next mail :-).
Received on Fri Dec 10 14:22:39 2010
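
An added example, not part of the original message or of util-vserver: the script's awk patterns `/me-vlanN/` and `/gw-vlanN/` are unanchored, so when holders v12 and v123 both exist, the lookup for vlan12 also matches the vlan123 line and returns two addresses. The helper names and the sample hosts content below are constructed for illustration; they validate the `v<vlanid>` holder name and match `/etc/hosts` names exactly.

```shell
#!/bin/sh
# Added example (hypothetical helpers, not from the original script).

# Derive the VLAN id from a holder name of the form v<vlanid>; reject anything else.
vlan_id_from_name() {
    local vid
    case "$1" in v*) vid="${1#v}" ;; *) return 1 ;; esac
    case "$vid" in ''|0*|*[!0-9]*) return 1 ;; esac      # digits only, no leading zero
    [ "${#vid}" -le 4 ] && [ "$vid" -le 4094 ] || return 1  # 802.1Q ids are 1..4094
    printf '%s\n' "$vid"
}

# Print the address of the first line in hosts file $1 that lists exactly the name $2.
lookup_host_addr() {
    awk -v want="$2" '
        { sub(/#.*/, "") }                      # drop trailing comments
        NF < 2 { next }                         # skip blank or address-only lines
        { for (i = 2; i <= NF; i++) if ($i == want) { print $1; found = 1; exit } }
        END { exit !found }                     # non-zero status when no entry exists
    ' "$1"
}

# Resolve "device address/24 gateway" for holder $1 from hosts file $2 (default /etc/hosts).
resolve_vlan_config() {
    local vid addr gw hosts="${2:-/etc/hosts}"
    vid="$(vlan_id_from_name "$1")" || { echo "bad holder name: $1" >&2; return 1; }
    addr="$(lookup_host_addr "$hosts" "me-vlan${vid}")" || { echo "no me-vlan${vid} entry" >&2; return 1; }
    gw="$(lookup_host_addr "$hosts" "gw-vlan${vid}")" || { echo "no gw-vlan${vid} entry" >&2; return 1; }
    printf 'vlan%s %s/24 %s\n' "$vid" "$addr" "$gw"
}

# Constructed sample: vlan12 and vlan123 entries that an unanchored /me-vlan12/ would confuse.
write_sample_hosts() {
    cat > "$1" <<'EOF'
192.0.2.1     gw-vlan123
192.0.2.10    me-vlan123
198.51.100.1  gw-vlan12   # gateway
198.51.100.10 me-vlan12 guest12
EOF
}

# Demo on the constructed file.
tmp="$(mktemp)"; write_sample_hosts "$tmp"
resolve_vlan_config v12 "$tmp"    # -> vlan12 198.51.100.10/24 198.51.100.1
rm -f "$tmp"
```

Failing the hook when an entry is missing or the name is malformed keeps a guest from coming up with an empty or wrong address.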