diff options
| author | Karel Kočí <cynerd@email.cz> | 2016-12-27 12:59:54 +0100 |
|---|---|---|
| committer | Karel Kočí <cynerd@email.cz> | 2016-12-27 12:59:54 +0100 |
| commit | f2f8cf509625c427b07bf52f749df9e1aef45799 (patch) | |
| tree | 6baea48647d5e7cbe346304405a121347b0ec439 /local/bin/lxc-net | |
| parent | ce7a67094a300188643511a7794bb555fdce28d1 (diff) | |
| download | myconfigs-f2f8cf509625c427b07bf52f749df9e1aef45799.tar.gz myconfigs-f2f8cf509625c427b07bf52f749df9e1aef45799.tar.bz2 myconfigs-f2f8cf509625c427b07bf52f749df9e1aef45799.zip | |
Implement lxc network setup script
This script prepares bridge for lxc containers.
Diffstat (limited to 'local/bin/lxc-net')
| -rwxr-xr-x | local/bin/lxc-net | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/local/bin/lxc-net b/local/bin/lxc-net new file mode 100755 index 0000000..d7e4a17 --- /dev/null +++ b/local/bin/lxc-net @@ -0,0 +1,40 @@ +#!/bin/sh + +if [ "$(id -u)" -ne 0 ]; then + echo "Root required for execution" >&2 + exit 1 +fi + +# What if we want to clean +if [ "$1" = "clean" ]; then + kill $(cat /tmp/lxc-dhcpd.pid) + rm -f /tmp/lxc-dhcpd.pid /tmp/lxc-dhcpd.conf + ip link del name vbr0 +fi + +# Setup bridge +ip link add name vbr0 type bridge +ip link set vbr0 up +ip addr add 192.168.30.1/24 dev vbr0 + +# Start dhcp server + +# This just takes first dns nameserver configured. Maybe we might want to be +# little bit more clever. +DNS_SERVER=$(cat /etc/resolv.conf |grep -i nameserver|head -n1|cut -d ' ' -f2) +echo "# DHCPD configuration generated by lxc-net script +authoritative; +default-lease-time 600; +max-lease-time 7200; +option subnet-mask 255.255.255.0; +option broadcast-address 192.168.30.255; +option routers 192.168.30.1; +option domain-name-servers $DNS_SERVER; +subnet 192.168.30.0 netmask 255.255.255.0 { + range 192.168.30.10 192.168.30.100; +}" > /tmp/lxc-dhcpd.conf +dhcpd -4 -pf /tmp/lxc-dhcpd.pid -cf /tmp/lxc-dhcpd.conf vbr0 + +# Setup network forwarding (TODO add -o ethX to iptable command) +sysctl net.ipv4.ip_forward=1 +iptables -t nat -A POSTROUTING -j MASQUERADE |