From f2f8cf509625c427b07bf52f749df9e1aef45799 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?=
Date: Tue, 27 Dec 2016 12:59:54 +0100
Subject: Implement lxc network setup script This script prepares bridge for lxc containers.
---
local/bin/lxc-net | 40 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
create mode 100755 local/bin/lxc-net
(limited to 'local/bin')
diff --git a/local/bin/lxc-net b/local/bin/lxc-net
new file mode 100755
index 0000000..d7e4a17
--- /dev/null
+++ b/local/bin/lxc-net
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+if [ "$(id -u)" -ne 0 ]; then
+ echo "Root required for execution" >&2
+ exit 1
+fi
+
+# What if we want to clean
+if [ "$1" = "clean" ]; then
+ kill $(cat /tmp/lxc-dhcpd.pid)
+ rm -f /tmp/lxc-dhcpd.pid /tmp/lxc-dhcpd.conf
+ ip link del name vbr0
+fi
+
+# Setup bridge
+ip link add name vbr0 type bridge
+ip link set vbr0 up
+ip addr add 192.168.30.1/24 dev vbr0
+
+# Start dhcp server
+
+# This just takes first dns nameserver configured. Maybe we might want to be
+# little bit more clever.
+DNS_SERVER=$(cat /etc/resolv.conf |grep -i nameserver|head -n1|cut -d ' ' -f2)
+echo "# DHCPD configuration generated by lxc-net script
+authoritative;
+default-lease-time 600;
+max-lease-time 7200;
+option subnet-mask 255.255.255.0;
+option broadcast-address 192.168.30.255;
+option routers 192.168.30.1;
+option domain-name-servers $DNS_SERVER;
+subnet 192.168.30.0 netmask 255.255.255.0 {
+ range 192.168.30.10 192.168.30.100;
+}" > /tmp/lxc-dhcpd.conf
+dhcpd -4 -pf /tmp/lxc-dhcpd.pid -cf /tmp/lxc-dhcpd.conf vbr0
+
+# Setup network forwarding (TODO add -o ethX to iptable command)
+sysctl net.ipv4.ip_forward=1
+iptables -t nat -A POSTROUTING -j MASQUERADE
--
cgit v1.2.3
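Review bot: The script runs as root but keeps its state under fixed names in world-writable `/tmp` (`/tmp/lxc-dhcpd.conf`, `/tmp/lxc-dhcpd.pid`), so another local user can create those paths first. The `> /tmp/lxc-dhcpd.conf` redirect may then write through a planted link, and `kill $(cat /tmp/lxc-dhcpd.pid)` in the `clean` branch signals whatever PID the file names. Keeping both files in a root-owned directory such as one under `/run` removes that exposure. Separately, the `clean` branch has no `exit`, so after deleting `vbr0` the script falls through and sets everything up again. The `MASQUERADE` rule is also appended with no source or output-interface match (the TODO acknowledges this) and is never removed by `clean`; matching on `-s 192.168.30.0/24` would limit NAT to the container subnet.

```shell
STATE_DIR=/run/lxc-net  # root-owned; not writable by other local users

if [ "$1" = "clean" ]; then
	kill "$(cat "$STATE_DIR/dhcpd.pid")"
	rm -f "$STATE_DIR/dhcpd.pid" "$STATE_DIR/dhcpd.conf"
	iptables -t nat -D POSTROUTING -s 192.168.30.0/24 -j MASQUERADE
	ip link del name vbr0
	exit 0
fi

# … unchanged: bridge setup, DNS_SERVER lookup …

mkdir -p -m 0755 "$STATE_DIR"
# … unchanged: dhcpd.conf body, now redirected to "$STATE_DIR/dhcpd.conf" …
dhcpd -4 -pf "$STATE_DIR/dhcpd.pid" -cf "$STATE_DIR/dhcpd.conf" vbr0

# … unchanged: sysctl net.ipv4.ip_forward=1 …
iptables -t nat -A POSTROUTING -s 192.168.30.0/24 -j MASQUERADE
```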