diff options
Diffstat (limited to 'main/lxc/0001-Support-openvswitch-bridges.patch')
| -rw-r--r-- | main/lxc/0001-Support-openvswitch-bridges.patch | 138 |
1 files changed, 0 insertions, 138 deletions
diff --git a/main/lxc/0001-Support-openvswitch-bridges.patch b/main/lxc/0001-Support-openvswitch-bridges.patch deleted file mode 100644 index 09f91349f5..0000000000 --- a/main/lxc/0001-Support-openvswitch-bridges.patch +++ /dev/null @@ -1,138 +0,0 @@ -From 8acaf18100f3c974cd4a204d531fe0077e95829c Mon Sep 17 00:00:00 2001 -From: Serge Hallyn <serge.hallyn@ubuntu.com> -Date: Mon, 21 Jul 2014 17:48:55 -0500 -Subject: [PATCH 1/3] Support openvswitch bridges - -We detect whether ovs-vsctl is available. If so, then we support -adding network interfaces to openvswitch bridges with it. - -Note that with this patch, veths do not appear to be removed from the -openvswitch bridge. This seems a bug in openvswitch, as the veths -in fact do disappear from the system. If lxc is required to remove -the port from the bridge manually, that becomes more complicated -for unprivileged containers, as it would require a setuid-root -wrapper to be called at shutdown. - -Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> -(cherry picked from commit 0d2047716ad6967eb4714b2448a89593dc266cef) ---- - configure.ac | 11 +++++++++++ - src/lxc/Makefile.am | 4 ++++ - src/lxc/network.c | 43 +++++++++++++++++++++++++++++++++++++++++++ - 3 files changed, 58 insertions(+) - -diff --git a/configure.ac b/configure.ac -index 6ec5740..e0efae7 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -192,6 +192,16 @@ fi - - AM_CONDITIONAL([ENABLE_API_DOCS], [test "x$HAVE_DOXYGEN" != "x"]) - -+# Openvswitch -+AC_PATH_PROG([OVS_CTL_PATH],[ovs-vsctl]) -+if test "x$OVS_CTL_PATH" != "x"; then -+ enable_ovs="yes" -+ AS_AC_EXPAND(OVS_CTL_PATH, "$OVS_CTL_PATH") -+else -+ enable_ovs="no" -+fi -+AM_CONDITIONAL([HAVE_OVS], [test "x$enable_ovs" = "xyes"]) -+ - # Apparmor - AC_ARG_ENABLE([apparmor], - [AC_HELP_STRING([--enable-apparmor], [enable apparmor support [default=auto]])], -@@ -740,6 +750,7 @@ Environment: - - rpath: $enable_rpath - - GnuTLS: $enable_gnutls - - Bash integration: $enable_bash -+ - Openvswitch: $enable_ovs - - Security features: - - Apparmor: $enable_apparmor -diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am -index 92841aa..ddeb37e 100644 ---- a/src/lxc/Makefile.am -+++ b/src/lxc/Makefile.am -@@ -129,6 +129,10 @@ if ENABLE_APPARMOR - AM_CFLAGS += -DHAVE_APPARMOR - endif - -+if HAVE_OVS -+AM_CFLAGS += -DHAVE_OVS -DOVS_CTL_PATH=\"$(OVS_CTL_PATH)\" -+endif -+ - if ENABLE_CGMANAGER - AM_CFLAGS += -DHAVE_CGMANAGER - endif -diff --git a/src/lxc/network.c b/src/lxc/network.c -index a9900de..4270619 100644 ---- a/src/lxc/network.c -+++ b/src/lxc/network.c -@@ -48,6 +48,7 @@ - #include "nl.h" - #include "network.h" - #include "conf.h" -+#include "utils.h" - - #if HAVE_IFADDRS_H - #include <ifaddrs.h> -@@ -1170,6 +1171,45 @@ int lxc_ipv6_dest_add(int ifindex, struct in6_addr *dest) - return ip_route_dest_add(AF_INET6, ifindex, dest); - } - -+#ifdef HAVE_OVS -+static bool is_ovs_bridge(const char *bridge) -+{ -+ char brdirname[22 + IFNAMSIZ + 1] = {0}; -+ struct stat sb; -+ -+ snprintf(brdirname, 22 +IFNAMSIZ + 1, "/sys/class/net/%s/bridge", bridge); -+ if (stat(brdirname, &sb) == -1 && errno == ENOENT) -+ return true; -+ return false; -+} -+ -+static int attach_to_ovs_bridge(const char *bridge, const char *nic) -+{ -+ pid_t pid; -+ const char *progname; -+ -+ pid = fork(); -+ if (pid < 0) -+ return -1; -+ if (pid > 0) -+ return wait_for_pid(pid); -+ -+ progname = strrchr(OVS_CTL_PATH, '/'); -+ if (!progname) // not sane, should we just fail? -+ progname = OVS_CTL_PATH; -+ if (execl(OVS_CTL_PATH, progname, "add-port", bridge, nic, NULL)) -+ exit(1); -+ // not reached -+ exit(1); -+} -+#else -+static inline bool is_ovs_bridge(const char *bridge) { return false; } -+static inline int attach_to_ovs_bridge(const char *bridge, const char *nic) -+{ -+ retun -1; -+} -+#endif -+ - /* - * There is a lxc_bridge_attach, but no need of a bridge detach - * as automatically done by kernel when a netdev is deleted. -@@ -1186,6 +1226,9 @@ int lxc_bridge_attach(const char *bridge, const char *ifname) - if (!index) - return -EINVAL; - -+ if (is_ovs_bridge(bridge)) -+ return attach_to_ovs_bridge(bridge, ifname); -+ - fd = socket(AF_INET, SOCK_STREAM, 0); - if (fd < 0) - return -errno; --- -2.1.2 - |