On Tue, Jan 29, 2013 at 1:57 PM, Canek Peláez Valdés <can...@gmail.com> wrote: > On Tue, Jan 29, 2013 at 10:32 AM, Stefan G. Weichinger <li...@xunil.at> wrote: >> Am 28.01.2013 22:49, schrieb Stefan G. Weichinger: >> >>>>> ps: my bigger hurdle will be the bridging-setup for running >>>>> KVM-virtualization. This was one of the reasons to go back to openrc >>>>> back then. >>>> >>>> I have no experience with that, but if it works in OpenRC it should >>>> work in systemd. Probably better, even. >>> >>> I don't think it won't work, I just wonder how to do it in the right and >>> most efficient way. I will think about that later/tomorrow maybe, >>> already late here ... >> >> I have a *draft* here for bridge.service ... I used the init.d-script >> from here as a template: >> >> http://en.gentoo-wiki.com/wiki/KVM#Script_to_ease_the_configuration >> >> (I used a variation of that as /etc/init.d/kvm for long now) >> >> My service-file reads variables from a separated configfile: >> >> # cat /etc/conf.d/network_systemd >> interface=eth0 >> address=172.32.99.12 >> netmask=255.255.255.0 >> broadcast=172.32.99.255 >> gateway=172.32.99.250 >> bridge_name=br0 >> tap_name=qtap0 >> user=sgw >> >> >> and it currently looks like this: >> >> # cat /etc/systemd/system/bridge.service >> [Unit] >> Description=network bridge for KVM >> After=network.target >> >> [Service] >> Type=oneshot >> RemainAfterExit=yes >> >> EnvironmentFile=/etc/conf.d/network_systemd >> >> ExecStart=/sbin/brctl addbr ${bridge_name} >> ExecStart=/usr/bin/tunctl -b -u ${user} -t ${tap_name} >> ExecStart=/bin/ifconfig ${bridge_name} ${address} netmask ${netmask} up >> ExecStart=/bin/ifconfig ${interface} up >> ExecStart=/bin/ifconfig ${tap_name} up 0.0.0.0 promisc >> ExecStart=/sbin/brctl addif ${bridge_name} ${tap_name} ${interface} >> ExecStart=/sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=1 >> ExecStart=iptables -t nat -A POSTROUTING -o ${interface} -j MASQUERADE >> ExecStart=/bin/ip route add default via ${gateway} >> >> ExecStop=/bin/ip route del default via ${gateway} >> ExecStop=/sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=0 >> ExecStop=/bin/ifconfig ${tap_name} down >> ExecStop=/sbin/brctl delif ${bridge_name} ${tap_name} >> ExecStop=/usr/bin/tunctl -d ${tap_name} >> ExecStop=/bin/ifconfig ${bridge_name} down >> ExecStop=/bin/ifconfig ${interface} down >> ExecStop=/sbin/brctl delbr ${bridge_name} >> ExecStop=iptables -t nat -D POSTROUTING -o ${interface} -j MASQUERADE >> >> [Install] >> WantedBy=multi-user.target >> >> ---------- >> >> I disabled network.service and enabled bridge.service, works fine so >> far, I already tested connectivity from KVM-VMs. >> >> I am sure that this quite fresh and bloody, suggestions welcome as >> always ... > > If it works, it works. It just looks... wrong :D > > If you really need so much commands from your unit, you can use a script: > > ------------------------------------------------------------------------ > $ cat /usr/local/bin/kvm-brigdge > #!/bin/sh > > source /etc/conf.d/network_systemd > > case "${1}" in > start) > /sbin/brctl addbr ${bridge_name} > /usr/bin/tunctl -b -u ${user} -t ${tap_name} > /bin/ifconfig ${bridge_name} ${address} netmask ${netmask} up > /bin/ifconfig ${interface} up > /bin/ifconfig ${tap_name} up 0.0.0.0 promisc > /sbin/brctl addif ${bridge_name} ${tap_name} ${interface} > /sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=1 > iptables -t nat -A POSTROUTING -o ${interface} -j MASQUERADE > /bin/ip route add default via ${gateway} > ;; > stop) > /bin/ip route del default via ${gateway} > /sbin/sysctl net.ipv4.conf.${bridge_name}.forwarding=0 > /bin/ifconfig ${tap_name} down > /sbin/brctl delif ${bridge_name} ${tap_name} > /usr/bin/tunctl -d ${tap_name} > /bin/ifconfig ${bridge_name} down > /bin/ifconfig ${interface} down > /sbin/brctl delbr ${bridge_name} > iptables -t nat -D POSTROUTING -o ${interface} -j MASQUERADE > ;; > esac > > ------------------------------------------------------------------------ > $ cat /etc/systemd/system/kvm-bridge.service > [Unit] > Description=network bridge for KVM > After=network.target > > [Service] > Type=oneshot > RemainAfterExit=yes > > ExecStart=/usr/local/bin/kvm-brigdge start > ExecStop=/usr/local/bin/kvm-brigdge stop > > [Install] > WantedBy=multi-user.target > > As I have been saying all this years: that systemd can work without > using scripts, doesn't mean that it isn't able to use them. I use a > couple of them myself; I think this is a perfect example of one. Your > unit file then it's small and simple, as all of them should be. > > Remember that /usr/local/bin/kvm-brigdge needs to be executable.
I'll note that in your version, you're ignoring the exit statuses of each of those commands. From a correctness standpoint, I prefer Stefan's version. -- :wq
