Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hook: fix vlan handling #238

Merged
merged 2 commits into from
Aug 27, 2024
Merged

hook: fix vlan handling #238

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2187536
hook: vlan.sh: fix 'parse_cmdline' bug; if no hw_addr specified, defa…
rpardini Aug 16, 2024
145a877
hook: introduce hook-ip container for vlan.sh
rpardini Aug 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions bash/hook-lk-containers.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ function build_all_hook_linuxkit_containers() {
# when adding new container builds here you'll also want to add them to the
# `linuxkit_build` function in the linuxkit.sh file.
# # NOTE: linuxkit containers must be in the images/ directory
build_hook_linuxkit_container hook-ip HOOK_CONTAINER_IP_IMAGE
build_hook_linuxkit_container hook-bootkit HOOK_CONTAINER_BOOTKIT_IMAGE
build_hook_linuxkit_container hook-docker HOOK_CONTAINER_DOCKER_IMAGE
build_hook_linuxkit_container hook-mdev HOOK_CONTAINER_MDEV_IMAGE
Expand Down
5 changes: 3 additions & 2 deletions bash/linuxkit.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ function linuxkit_build() {
fi

# Build the containers in this repo used in the LinuxKit YAML;
build_all_hook_linuxkit_containers # sets HOOK_CONTAINER_BOOTKIT_IMAGE, HOOK_CONTAINER_DOCKER_IMAGE, HOOK_CONTAINER_MDEV_IMAGE, HOOK_CONTAINER_CONTAINERD_IMAGE
build_all_hook_linuxkit_containers # sets HOOK_CONTAINER_IP_IMAGE, HOOK_CONTAINER_BOOTKIT_IMAGE, HOOK_CONTAINER_DOCKER_IMAGE, HOOK_CONTAINER_MDEV_IMAGE, HOOK_CONTAINER_CONTAINERD_IMAGE

# Template the linuxkit configuration file.
# - You'd think linuxkit would take --build-args or something by now, but no.
Expand All @@ -64,12 +64,13 @@ function linuxkit_build() {
# shellcheck disable=SC2016 # I'm using single quotes to avoid shell expansion, envsubst wants the dollar signs.
cat "linuxkit-templates/${kernel_info['TEMPLATE']}.template.yaml" |
HOOK_KERNEL_IMAGE="${kernel_oci_image}" HOOK_KERNEL_ID="${inventory_id}" HOOK_KERNEL_VERSION="${kernel_oci_version}" \
HOOK_CONTAINER_IP_IMAGE="${HOOK_CONTAINER_IP_IMAGE}" \
HOOK_CONTAINER_BOOTKIT_IMAGE="${HOOK_CONTAINER_BOOTKIT_IMAGE}" \
HOOK_CONTAINER_DOCKER_IMAGE="${HOOK_CONTAINER_DOCKER_IMAGE}" \
HOOK_CONTAINER_MDEV_IMAGE="${HOOK_CONTAINER_MDEV_IMAGE}" \
HOOK_CONTAINER_CONTAINERD_IMAGE="${HOOK_CONTAINER_CONTAINERD_IMAGE}" \
HOOK_CONTAINER_RUNC_IMAGE="${HOOK_CONTAINER_RUNC_IMAGE}" \
envsubst '$HOOK_VERSION $HOOK_KERNEL_IMAGE $HOOK_KERNEL_ID $HOOK_KERNEL_VERSION $HOOK_CONTAINER_BOOTKIT_IMAGE $HOOK_CONTAINER_DOCKER_IMAGE $HOOK_CONTAINER_MDEV_IMAGE $HOOK_CONTAINER_CONTAINERD_IMAGE $HOOK_CONTAINER_RUNC_IMAGE' \
envsubst '$HOOK_VERSION $HOOK_KERNEL_IMAGE $HOOK_KERNEL_ID $HOOK_KERNEL_VERSION $HOOK_CONTAINER_IP_IMAGE $HOOK_CONTAINER_BOOTKIT_IMAGE $HOOK_CONTAINER_DOCKER_IMAGE $HOOK_CONTAINER_MDEV_IMAGE $HOOK_CONTAINER_CONTAINERD_IMAGE $HOOK_CONTAINER_RUNC_IMAGE' \
> "hook.${inventory_id}.yaml"

declare -g linuxkit_bin=""
Expand Down
37 changes: 19 additions & 18 deletions files/vlan.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ function parse_kernel_cmdline_for() {
if [ -z "${result}" ]; then
return 1
else
printf "%s\n" "$result"
printf "%s" "$result"
fi
}

Expand All @@ -43,15 +43,14 @@ function add_vlan_interface() {

# check if hw_addr are set in the kernel commandline, otherwise return.
if ! kernel_cmdline_exists hw_addr; then
echo "No hw_addr=xx:xx:xx:xx:xx:xx set in kernel commandline; no VLAN handling." >&2
return
echo "No hw_addr=xx:xx:xx:xx:xx:xx set in kernel commandline." >&2
fi

echo "Starting VLAN handling, parsing..." >&2

declare vlan_id hw_addr
vlan_id="$(parse_cmdline vlan_id)"
hw_addr="$(parse_cmdline hw_addr)"
vlan_id="$(parse_kernel_cmdline_for vlan_id)"
hw_addr="$(parse_kernel_cmdline_for hw_addr)"

echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}'" >&2

Expand All @@ -60,21 +59,23 @@ function add_vlan_interface() {
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', searching for interface..." >&2
ifname="$(ip -br link | awk '$3 ~ /'"${hw_addr}"'/ {print $1}')"
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', found interface: '${ifname}'" >&2
if [ -n "$ifname" ]; then
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', adding VLAN interface..." >&2
ip link set dev "${ifname}" up || true
ip link add link "${ifname}" name "${ifname}.${vlan_id}" type vlan id "${vlan_id}" || true
ip link set "${ifname}.${vlan_id}" up || true
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', added VLAN interface: '${ifname}.${vlan_id}'" >&2
return 0
else
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no interface found for hw_addr." >&2
return 3
fi
else
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no hw_addr found in kernel commandline." >&2
return 2
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no hw_addr found in kernel commandline; default ifname to eth0." >&2
ifname="eth0"
fi

if [ -n "$ifname" ]; then
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', adding VLAN interface..." >&2
ip link set dev "${ifname}" up || true
ip link add link "${ifname}" name "${ifname}.${vlan_id}" type vlan id "${vlan_id}" || true
ip link set "${ifname}.${vlan_id}" up || true
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', added VLAN interface: '${ifname}.${vlan_id}'" >&2
return 0
else
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no interface found for hw_addr." >&2
return 3
fi

else
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no vlan_id found in kernel commandline." >&2
return 1
Expand Down
23 changes: 23 additions & 0 deletions images/hook-ip/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add curl
RUN apk add --no-cache --initdb -p /out \
alpine-baselayout \
bash \
busybox \
iproute2 \
iptables \
ebtables \
ipvsadm \
bridge-utils \
musl \
sed

# Remove apk residuals
RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache

FROM scratch
ENTRYPOINT []
CMD []
WORKDIR /
COPY --from=mirror /out/ /
Comment on lines +1 to +23
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, why do we need this new image? i dont see any of these tools being used?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed. I just copied linuxkit/ip -- previously used directly -- from https://github.com/linuxkit/linuxkit/blob/master/pkg/ip/Dockerfile -- just to add sed (GNU sed) required for proper kernel cmdline parsing in the bash code. I discovered busybox's sed didn't really work when I tried actually passing a vlan_id=876 parameter and that failed.

As for the tools: I kept the original ones we had there, minus wireguard. I agree that probably most of them aren't used either.

3 changes: 2 additions & 1 deletion linuxkit-templates/hook.template.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
# - HOOK_KERNEL_IMAGE: ${HOOK_KERNEL_IMAGE}
# - HOOK_KERNEL_ID: ${HOOK_KERNEL_ID}
# - HOOK_KERNEL_VERSION: ${HOOK_KERNEL_VERSION}
# - HOOK_CONTAINER_IP_IMAGE: ${HOOK_CONTAINER_IP_IMAGE}
# - HOOK_CONTAINER_BOOTKIT_IMAGE: ${HOOK_CONTAINER_BOOTKIT_IMAGE}
# - HOOK_CONTAINER_DOCKER_IMAGE: ${HOOK_CONTAINER_DOCKER_IMAGE}
# - HOOK_CONTAINER_MDEV_IMAGE: ${HOOK_CONTAINER_MDEV_IMAGE}
Expand Down Expand Up @@ -38,7 +39,7 @@ onboot:
command: [ "modprobe", "cdc_ncm" ] # for usb ethernet dongles

- name: vlan
image: linuxkit/ip:v1.0.0
image: "${HOOK_CONTAINER_IP_IMAGE}"
capabilities:
- all
binds.add:
Expand Down
Loading