Skip to content

Commit

Permalink
hook: fix vlan handling (#238)
Browse files Browse the repository at this point in the history 
#### hook: vlan.sh: fix 'parse_cmdline' bug; if no hw_addr specified, default ifname to eth0

- `parse_cmdline` is actually `parse_kernel_cmdline_for`
- no reason to double-newline results
- allow for simple vlan_id=xxx without hwaddr for single-interface or first-interface VLAN scenarios

Signed-off-by: Ricardo Pardini <[email protected]>

#### hook: introduce hook-ip container for vlan.sh

- Based on linuxkit/ip pkg, sans wireguard stuff; add GNU sed needed for /proc/cmdline parsing

Signed-off-by: Ricardo Pardini <[email protected]>
  • Loading branch information
@mergify
mergify[bot] authored Aug 27, 2024
2 parents 9dc7c7d + 145a877 commit 526b4a3
Show file tree
Hide file tree
Showing 5 changed files with 48 additions and 21 deletions.
1 change: 1 addition & 0 deletions bash/hook-lk-containers.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ function build_all_hook_linuxkit_containers() {
# when adding new container builds here you'll also want to add them to the
# `linuxkit_build` function in the linuxkit.sh file.
# # NOTE: linuxkit containers must be in the images/ directory
build_hook_linuxkit_container hook-ip HOOK_CONTAINER_IP_IMAGE
build_hook_linuxkit_container hook-bootkit HOOK_CONTAINER_BOOTKIT_IMAGE
build_hook_linuxkit_container hook-docker HOOK_CONTAINER_DOCKER_IMAGE
build_hook_linuxkit_container hook-mdev HOOK_CONTAINER_MDEV_IMAGE
Expand Down
5 changes: 3 additions & 2 deletions bash/linuxkit.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ function linuxkit_build() {
fi

# Build the containers in this repo used in the LinuxKit YAML;
build_all_hook_linuxkit_containers # sets HOOK_CONTAINER_BOOTKIT_IMAGE, HOOK_CONTAINER_DOCKER_IMAGE, HOOK_CONTAINER_MDEV_IMAGE, HOOK_CONTAINER_CONTAINERD_IMAGE
build_all_hook_linuxkit_containers # sets HOOK_CONTAINER_IP_IMAGE, HOOK_CONTAINER_BOOTKIT_IMAGE, HOOK_CONTAINER_DOCKER_IMAGE, HOOK_CONTAINER_MDEV_IMAGE, HOOK_CONTAINER_CONTAINERD_IMAGE

# Template the linuxkit configuration file.
# - You'd think linuxkit would take --build-args or something by now, but no.
Expand All @@ -64,12 +64,13 @@ function linuxkit_build() {
# shellcheck disable=SC2016 # I'm using single quotes to avoid shell expansion, envsubst wants the dollar signs.
cat "linuxkit-templates/${kernel_info['TEMPLATE']}.template.yaml" |
HOOK_KERNEL_IMAGE="${kernel_oci_image}" HOOK_KERNEL_ID="${inventory_id}" HOOK_KERNEL_VERSION="${kernel_oci_version}" \
HOOK_CONTAINER_IP_IMAGE="${HOOK_CONTAINER_IP_IMAGE}" \
HOOK_CONTAINER_BOOTKIT_IMAGE="${HOOK_CONTAINER_BOOTKIT_IMAGE}" \
HOOK_CONTAINER_DOCKER_IMAGE="${HOOK_CONTAINER_DOCKER_IMAGE}" \
HOOK_CONTAINER_MDEV_IMAGE="${HOOK_CONTAINER_MDEV_IMAGE}" \
HOOK_CONTAINER_CONTAINERD_IMAGE="${HOOK_CONTAINER_CONTAINERD_IMAGE}" \
HOOK_CONTAINER_RUNC_IMAGE="${HOOK_CONTAINER_RUNC_IMAGE}" \
envsubst '$HOOK_VERSION $HOOK_KERNEL_IMAGE $HOOK_KERNEL_ID $HOOK_KERNEL_VERSION $HOOK_CONTAINER_BOOTKIT_IMAGE $HOOK_CONTAINER_DOCKER_IMAGE $HOOK_CONTAINER_MDEV_IMAGE $HOOK_CONTAINER_CONTAINERD_IMAGE $HOOK_CONTAINER_RUNC_IMAGE' \
envsubst '$HOOK_VERSION $HOOK_KERNEL_IMAGE $HOOK_KERNEL_ID $HOOK_KERNEL_VERSION $HOOK_CONTAINER_IP_IMAGE $HOOK_CONTAINER_BOOTKIT_IMAGE $HOOK_CONTAINER_DOCKER_IMAGE $HOOK_CONTAINER_MDEV_IMAGE $HOOK_CONTAINER_CONTAINERD_IMAGE $HOOK_CONTAINER_RUNC_IMAGE' \
> "hook.${inventory_id}.yaml"

declare -g linuxkit_bin=""
Expand Down
37 changes: 19 additions & 18 deletions files/vlan.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ function parse_kernel_cmdline_for() {
if [ -z "${result}" ]; then
return 1
else
printf "%s\n" "$result"
printf "%s" "$result"
fi
}

Expand All @@ -43,15 +43,14 @@ function add_vlan_interface() {

# check if hw_addr are set in the kernel commandline, otherwise return.
if ! kernel_cmdline_exists hw_addr; then
echo "No hw_addr=xx:xx:xx:xx:xx:xx set in kernel commandline; no VLAN handling." >&2
return
echo "No hw_addr=xx:xx:xx:xx:xx:xx set in kernel commandline." >&2
fi

echo "Starting VLAN handling, parsing..." >&2

declare vlan_id hw_addr
vlan_id="$(parse_cmdline vlan_id)"
hw_addr="$(parse_cmdline hw_addr)"
vlan_id="$(parse_kernel_cmdline_for vlan_id)"
hw_addr="$(parse_kernel_cmdline_for hw_addr)"

echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}'" >&2

Expand All @@ -60,21 +59,23 @@ function add_vlan_interface() {
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', searching for interface..." >&2
ifname="$(ip -br link | awk '$3 ~ /'"${hw_addr}"'/ {print $1}')"
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', found interface: '${ifname}'" >&2
if [ -n "$ifname" ]; then
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', adding VLAN interface..." >&2
ip link set dev "${ifname}" up || true
ip link add link "${ifname}" name "${ifname}.${vlan_id}" type vlan id "${vlan_id}" || true
ip link set "${ifname}.${vlan_id}" up || true
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', added VLAN interface: '${ifname}.${vlan_id}'" >&2
return 0
else
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no interface found for hw_addr." >&2
return 3
fi
else
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no hw_addr found in kernel commandline." >&2
return 2
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no hw_addr found in kernel commandline; default ifname to eth0." >&2
ifname="eth0"
fi

if [ -n "$ifname" ]; then
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', adding VLAN interface..." >&2
ip link set dev "${ifname}" up || true
ip link add link "${ifname}" name "${ifname}.${vlan_id}" type vlan id "${vlan_id}" || true
ip link set "${ifname}.${vlan_id}" up || true
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', added VLAN interface: '${ifname}.${vlan_id}'" >&2
return 0
else
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no interface found for hw_addr." >&2
return 3
fi

else
echo "VLAN handling - vlan_id: '${vlan_id}', hw_addr: '${hw_addr}', no vlan_id found in kernel commandline." >&2
return 1
Expand Down
23 changes: 23 additions & 0 deletions images/hook-ip/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add curl
RUN apk add --no-cache --initdb -p /out \
alpine-baselayout \
bash \
busybox \
iproute2 \
iptables \
ebtables \
ipvsadm \
bridge-utils \
musl \
sed

# Remove apk residuals
RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache

FROM scratch
ENTRYPOINT []
CMD []
WORKDIR /
COPY --from=mirror /out/ /
3 changes: 2 additions & 1 deletion linuxkit-templates/hook.template.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
# - HOOK_KERNEL_IMAGE: ${HOOK_KERNEL_IMAGE}
# - HOOK_KERNEL_ID: ${HOOK_KERNEL_ID}
# - HOOK_KERNEL_VERSION: ${HOOK_KERNEL_VERSION}
# - HOOK_CONTAINER_IP_IMAGE: ${HOOK_CONTAINER_IP_IMAGE}
# - HOOK_CONTAINER_BOOTKIT_IMAGE: ${HOOK_CONTAINER_BOOTKIT_IMAGE}
# - HOOK_CONTAINER_DOCKER_IMAGE: ${HOOK_CONTAINER_DOCKER_IMAGE}
# - HOOK_CONTAINER_MDEV_IMAGE: ${HOOK_CONTAINER_MDEV_IMAGE}
Expand Down Expand Up @@ -38,7 +39,7 @@ onboot:
command: [ "modprobe", "cdc_ncm" ] # for usb ethernet dongles

- name: vlan
image: linuxkit/ip:v1.0.0
image: "${HOOK_CONTAINER_IP_IMAGE}"
capabilities:
- all
binds.add:
Expand Down

0 comments on commit 526b4a3

Please sign in to comment.