From 67bfedfe52ed2063ba3f0bff1cb71b1e807f4b89 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 21 Feb 2022 18:25:18 +0100
Subject: [dhcp-busybox] Add service to create additional bridges
---
.../systemd/system/bridge-additional-nics.service | 10 +++++
.../bridge-additional-nics.service | 1 +
.../openslx/scripts/systemd-bridge_additional_nics | 50 ++++++++++++++++++++++
.../data/opt/openslx/scripts/systemd-vbox_env | 24 ++++++++++++++++++++++-
.../data/opt/openslx/scripts/systemd-vmware_env | 9 ++--
5 files changed, 88 insertions(+), 6 deletions(-)
create mode 100644 core/modules/dhcpc-busybox/data/etc/systemd/system/bridge-additional-nics.service
create mode 120000 core/modules/dhcpc-busybox/data/etc/systemd/system/network.target.wants/bridge-additional-nics.service
create mode 100755 core/modules/dhcpc-busybox/data/opt/openslx/scripts/systemd-bridge_additional_nics
diff --git a/core/modules/dhcpc-busybox/data/etc/systemd/system/bridge-additional-nics.service b/core/modules/dhcpc-busybox/data/etc/systemd/system/bridge-additional-nics.service
new file mode 100644
index 00000000..df36e015
--- /dev/null
+++ b/core/modules/dhcpc-busybox/data/etc/systemd/system/bridge-additional-nics.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Setup bridges for addition network interfaces
+Wants=systemd-udevd.service
+After=systemd-udev-settle.service systemd-udevd.service
+Before=network.target
+
+[Service]
+Type=oneshot
+ExecStart=/opt/openslx/scripts/systemd-bridge_additional_nics
+RemainAfterExit=true
diff --git a/core/modules/dhcpc-busybox/data/etc/systemd/system/network.target.wants/bridge-additional-nics.service b/core/modules/dhcpc-busybox/data/etc/systemd/system/network.target.wants/bridge-additional-nics.service
new file mode 120000
index 00000000..948dc5d7
--- /dev/null
+++ b/core/modules/dhcpc-busybox/data/etc/systemd/system/network.target.wants/bridge-additional-nics.service
@@ -0,0 +1 @@
+../bridge-additional-nics.service
\ No newline at end of file
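Review bot: `After=systemd-udev-settle.service` in the new unit only orders against the settle service and does not pull it in; the unit has `Wants=systemd-udevd.service`, but nothing visible here requests systemd-udev-settle.service. If no other unit activates it, the script may scan /sys/class/net before all NICs are enumerated and silently skip some, so I would add `Wants=systemd-udev-settle.service` as well. The `Description=` reads "addition network interfaces", presumably meant as "additional".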
diff --git a/core/modules/dhcpc-busybox/data/opt/openslx/scripts/systemd-bridge_additional_nics b/core/modules/dhcpc-busybox/data/opt/openslx/scripts/systemd-bridge_additional_nics
new file mode 100755
index 00000000..295483f9
--- /dev/null
+++ b/core/modules/dhcpc-busybox/data/opt/openslx/scripts/systemd-bridge_additional_nics
@@ -0,0 +1,50 @@
+#!/bin/bash
+#
+# Small script scanning sysfs for physical network interfaces
+# and creating additional network bridges 'br-nic-[0-9]'.
+
+. /opt/openslx/config
+
+# do nothing if not netbooted
+[ -z "$SLX_PXE_NETIF" ] && exit 0
+# or feature disabled
+[ "$SLX_BRIDGE_OTHER_NICS" != "yes" ] && exit 0
+
+declare -g id=1
+for nic in /sys/class/net/*; do
+ # The presence of this symlink pointing to the physical device
+ # seems to be the better way to detect them.
+ [ -h "${nic}/device" ] || continue
+
+ # do not handle the primary interface
+ [ "$SLX_PXE_NETIF" = "${nic##*/}" ] && continue
+
+ # physical nic found, create a bridge with the same MAC
+ bridge="br-nic-${id}"
+ mac="$(cat "${nic}/address")"
+ if ! [[ $mac =~ ^([0-9a-f]{2}:){5}[0-9a-f]{2}$ ]]; then
+ echo "'$mac' does not seem like a valid MAC address."
+ continue
+ fi
+
+ (
+ set -e
+ brctl addbr "$bridge"
+ brctl stp "$bridge" 0
+ ip link set addr "$mac" "$bridge"
+ ip link set dev "${nic##*/}" up
+ brctl addif "$bridge" "${nic##*/}"
+ ip link set dev "$bridge" up
+ )
+ ret=$?
+ if [ "$ret" != 0 ]; then
+ echo "Failed to setup additional bridge '$bridge' for '$nic'."
+ brctl delbr "$bridge"
+ continue
+ fi
+
+ # all fine, increase counter and continue
+ (( id++ ))
+done
+
+exit 0
diff --git a/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env b/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env
index 8d2302bc..c3b08b01 100755
--- a/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env
+++ b/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env
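Review bot: The loop in systemd-bridge_additional_nics never checks whether `br-nic-${id}` already exists or whether the NIC already has a master, although the comments in systemd-vbox_env and systemd-vmware_env in this commit say these bridges may also have been set up in init. In that case `brctl addbr` fails, the error path runs `brctl delbr "$bridge"` against a bridge this script did not create, and `id` is not advanced, so every remaining NIC retries the same name. Skipping enslaved NICs with `[ -e "${nic}/master" ] && continue` and advancing `id` while `/sys/class/net/br-nic-${id}` exists would keep the two paths from interfering. Both `echo` diagnostics go to stdout; `>&2` or `slxlog` (as used in systemd-vbox_env) would make a skipped or half-configured NIC easier to spot.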
@@ -21,6 +21,8 @@ VBOX_BASE_DIR="/usr/lib/virtualbox" VBOX_KMOD_DIR="/lib/modules/vbox" VBOX_MANAGE="${VBOX_BASE_DIR}/VBoxManage" +. /opt/openslx/config + # Runtime critical checks first # VBoxManage should be under /usr/lib/virtualbox if ! [ -d "${VBOX_BASE_DIR}" -o -x "${VBOX_MANAGE}" -o -d "${VBOX_KMOD_DIR}" ]; then @@ -54,10 +56,11 @@ mkdir -p "/tmp/virt/virtualbox" -m 1777 # reload udev rules since aufs'ing the layer on top do not trigger its inotify watch udevadm control --reload -# pretty dumb you can just create host-only interfaces, +# pretty dumb, you can only create host-only interfaces, # but not assign a specific name/number ${VBOX_MANAGE} hostonlyif create ip link set dev vboxnet0 up +[ "$SLX_JUMBO_FRAMES" = "yes" ] && ip link set dev vboxnet0 mtu 9000 brctl addif br0 vboxnet0 ${VBOX_MANAGE} hostonlyif create @@ -68,4 +71,23 @@ ${VBOX_MANAGE} hostonlyif create ip link set dev vboxnet2 up brctl addif vsw2 vboxnet2 +if [ "$SLX_BRIDGE_OTHER_NICS" = "yes" ]; then + # These will have been set up in our init, or by bridge-other-nics.service + NICS=$( ls -1 /sys/class/net | grep '^br-nic-' | cut -c 8- ) + vboxnet=3 + for nic in $NICS; do + if ! [ "$nic" -gt 0 ] && ! [ "$nic" -eq 0 ]; then + slxlog "vbox-other-nics" "NaN: br-nic-X has X='$nic'" + continue + fi + # create vboxnet10 - vboxnetN for these + ${VBOX_MANAGE} hostonlyif create + brctl addif "br-nic-${nic}" "vboxnet${vboxnet}" + vboxnet="$(( vboxnet + 1 ))" + done +fi + +# trigger reload of iptables stuff (it's using inotify) +touch /opt/openslx/iptables/rules.d/empty + exit 0 diff --git a/core/modules/vmware-common/data/opt/openslx/scripts/systemd-vmware_env b/core/modules/vmware-common/data/opt/openslx/scripts/systemd-vmware_env index d54b66af..4e7875db 100755 --- a/core/modules/vmware-common/data/opt/openslx/scripts/systemd-vmware_env +++ b/core/modules/vmware-common/data/opt/openslx/scripts/systemd-vmware_env 
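Review bot: Inside the new `SLX_BRIDGE_OTHER_NICS` loop the result of `${VBOX_MANAGE} hostonlyif create` is not checked and the new interface is never set up, unlike vboxnet0 to vboxnet2 above, which each get `ip link set dev ... up` before `brctl addif`. The script's own comment says the interface number cannot be chosen, so after a failed create the counter presumably runs ahead of the names VirtualBox assigns and the following `brctl addif` calls name interfaces that do not exist, leaving guests without the intended segment and no log entry. I would write `${VBOX_MANAGE} hostonlyif create || continue` followed by `ip link set dev "vboxnet${vboxnet}" up`. The comment `# create vboxnet10 - vboxnetN for these` does not match `vboxnet=3`, and it refers to bridge-other-nics.service while the unit added in this commit is bridge-additional-nics.service.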
@@ -66,15 +66,14 @@ vmnetif () { vmnet_create "$vmnet" done # Set the vmware interface to 9000 too, as br0 will use the smallest of all slave devices - [ "x$SLX_JUMBO_FRAMES" = "xyes" ] && ip link set dev vmnet0 mtu 9000 + [ "$SLX_JUMBO_FRAMES" = "yes" ] && ip link set dev vmnet0 mtu 9000 # setup bridge (vmnet0), nat (vmnet1) and software defined networking (vmnet2) interfaces brctl addif br0 vmnet0 brctl addif nat1 vmnet1 brctl addif vsw2 vmnet2 # 2) see if we should bridge additional interfaces - NICS= if [ "$SLX_BRIDGE_OTHER_NICS" = "yes" ]; then - # These will have been set up in our init + # These will have been set up in our init, or by bridge-other-nics.service NICS=$( ls -1 /sys/class/net | grep '^br-nic-' | cut -c 8- ) vmnet=10 for nic in $NICS; do @@ -88,8 +87,8 @@ vmnetif () { vmnet="$(( vmnet + 1 ))" done fi - # Printergui rules etc. - systemctl --no-block restart openslx-iptables.service + # trigger reload of iptables stuff (it's using inotify) + touch /opt/openslx/iptables/rules.d/empty } vmblock () { -- cgit v1.2.3-55-g7522
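Review bot: Replacing `systemctl --no-block restart openslx-iptables.service` with `touch /opt/openslx/iptables/rules.d/empty` makes the firewall reload for the new vmnet interfaces depend on an inotify watcher that is not visible in this diff, and a failed `touch` goes unnoticed. If the watcher is not yet running when vmnetif executes, or the rules.d directory is missing, the rules would stay as they were without any log entry. Checking the result, e.g. `touch /opt/openslx/iptables/rules.d/empty || slxlog "vmware-iptables" "iptables reload trigger failed"` (assuming slxlog is available here as in systemd-vbox_env; the tag is only an example), would keep that visible. The same unchecked `touch` is added at the end of systemd-vbox_env. vmnetif's body starts outside these hunks.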