[lxc-devel] Problem when using same vlan.id for multiple vlan interfaces
Hello,
First, thanks a lot for your good work!
We are using LXC in the CONFINE project (confine-project.eu) to provide
researchers with a virtualized linux evironment in a distributed testbed.
We found a problem when a container config looks like this (uses the
same vlan id for several type=vlan container interfaces):
lxc.network.type = vlan
lxc.network.flags = up
lxc.network.link = eth1
lxc.network.vlan.id = 3842
lxc.network.name = iso0
lxc.network.type = vlan
lxc.network.flags = up
lxc.network.link = eth2
lxc.network.vlan.id = 3842
lxc.network.name = iso1
Then, during the instantiation of the vlan interfaces an error occurs
because the lxc code tries to assign the same name to both of them
before it is bound into the container.
Maybe you can have a look at the following patch which solves the problem
(see also here:
https://github.com/axn/lxc/commit/32fb8a007a95ad4beb9d9d7dade032a50f5da0db
)
and consider this or an alternative solution for your 0.8.0 branch.
Thanks a lot
/axel
neumann@sid:/usr/src/lxc/lxc.git$ git diff HEAD^
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index e8088bb..4f21464 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1733,13 +1733,14 @@ static int instanciate_vlan(struct lxc_handler
*handler, struct lxc_netdev *netd
{
char peer[IFNAMSIZ];
int err;
+static uint16_t vlan_cntr = 0;
if (!netdev->link) {
ERROR("no link specified for vlan netdev");
return -1;
- }
+}
- snprintf(peer, sizeof(peer), "vlan%d", netdev->priv.vlan_attr.vid);
+snprintf(peer, sizeof (peer), "vlan%d-%d",
netdev->priv.vlan_attr.vid, vlan_cntr++);
err = lxc_vlan_create(netdev->link, peer,
netdev->priv.vlan_attr.vid);
if (err) {
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] Problem when using same vlan.id for multiple vlan interfaces
Hello,
First, thanks a lot for your good work!
We are using LXC in the CONFINE project (confine-project.eu) to provide
researchers with a virtualized linux evironment in a distributed testbed.
We found a problem when a container config looks like this (uses the
same vlan id for several type=vlan container interfaces):
lxc.network.type = vlan
lxc.network.flags = up
lxc.network.link = eth1
lxc.network.vlan.id = 3842
lxc.network.name = iso0
lxc.network.type = vlan
lxc.network.flags = up
lxc.network.link = eth2
lxc.network.vlan.id = 3842
lxc.network.name = iso1
Then, during the instantiation of the vlan interfaces an error occurs
because the lxc code tries to assign the same name to both of them
before it is bound into the container.
Maybe you can have a look at the following patch which solves the problem
(see also here:
https://github.com/axn/lxc/commit/32fb8a007a95ad4beb9d9d7dade032a50f5da0db
)
and consider this or an alternative solution for your 0.8.0 branch.
Thanks a lot
/axel
neumann@sid:/usr/src/lxc/lxc.git$ git diff HEAD^
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index e8088bb..4f21464 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1733,13 +1733,14 @@ static int instanciate_vlan(struct lxc_handler
*handler, struct lxc_netdev *netd
{
char peer[IFNAMSIZ];
int err;
+static uint16_t vlan_cntr = 0;
if (!netdev->link) {
ERROR("no link specified for vlan netdev");
return -1;
- }
+}
- snprintf(peer, sizeof(peer), "vlan%d", netdev->priv.vlan_attr.vid);
+snprintf(peer, sizeof (peer), "vlan%d-%d",
netdev->priv.vlan_attr.vid, vlan_cntr++);
err = lxc_vlan_create(netdev->link, peer,
netdev->priv.vlan_attr.vid);
if (err) {
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH] lxc-wait: Add timeout option
Allow to specify a timeout for waiting on state changes via lxc-wait.
Helpful for scripts that need to handle errors or excessive delays in
state changing procedures.
Signed-off-by: Jan Kiszka
---
doc/lxc-wait.sgml.in | 11 +++
src/lxc/arguments.h |1 +
src/lxc/lxc_wait.c | 16 +++-
3 files changed, 27 insertions(+), 1 deletions(-)
diff --git a/doc/lxc-wait.sgml.in b/doc/lxc-wait.sgml.in
index 97a4c39..f30e0c3 100644
--- a/doc/lxc-wait.sgml.in
+++ b/doc/lxc-wait.sgml.in
@@ -79,6 +79,17 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA
+
+
+ -t timeout
+
+
+
+ Wait timeout seconds for desired state to be reached.
+
+
+
+
diff --git a/src/lxc/arguments.h b/src/lxc/arguments.h
index 40f0d6c..3c9d28f 100644
--- a/src/lxc/arguments.h
+++ b/src/lxc/arguments.h
@@ -57,6 +57,7 @@ struct lxc_arguments {
/* for lxc-wait */
char *states;
+ long timeout;
/* close fds from parent? */
int close_all_fds;
diff --git a/src/lxc/lxc_wait.c b/src/lxc/lxc_wait.c
index a58e0c8..d7a69bc 100644
--- a/src/lxc/lxc_wait.c
+++ b/src/lxc/lxc_wait.c
@@ -24,6 +24,8 @@
#include
#include
#include
+#include
+#include
#include
#include
@@ -46,12 +48,14 @@ static int my_parser(struct lxc_arguments* args, int c,
char* arg)
{
switch (c) {
case 's': args->states = optarg; break;
+ case 't': args->timeout = atol(optarg); break;
}
return 0;
}
static const struct option my_longopts[] = {
{"state", required_argument, 0, 's'},
+ {"timeout", required_argument, 0, 't'},
LXC_COMMON_OPTIONS
};
@@ -66,7 +70,8 @@ Options :\n\
-n, --name=NAME NAME for name of the container\n\
-s, --state=STATE ORed states to wait for\n\
STOPPED, STARTING, RUNNING, STOPPING,\n\
-ABORTING, FREEZING, FROZEN\n",
+ABORTING, FREEZING, FROZEN\n\
+ -t, --timeout=TMO Seconds to wait for state changes\n",
.options = my_longopts,
.parser = my_parser,
.checker = my_checker,
@@ -91,6 +96,11 @@ static int fillwaitedstates(char *strstates, int *states)
return 0;
}
+static void timeout_handler(int signal)
+{
+ exit(-1);
+}
+
int main(int argc, char *argv[])
{
struct lxc_msg msg;
@@ -124,6 +134,9 @@ int main(int argc, char *argv[])
goto out_close;
}
+ signal(SIGALRM, timeout_handler);
+ alarm(my_args.timeout);
+
for (;;) {
if (lxc_monitor_read(fd, &msg) < 0)
goto out_close;
@@ -140,6 +153,7 @@ int main(int argc, char *argv[])
}
if (s[msg.value]) {
+ alarm(0);
ret = 0;
goto out_close;
}
--
1.7.3.4
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH] Add network-down script
Analogously to lxc.network.script.up, add the ability to register a down
script. It is called before the guest network is finally destroyed,
allowing to clean up resources that are not reset/destroyed
automatically. Parameters of the down script are identical to the up
script except for the execution context "down".
Signed-off-by: Jan Kiszka
---
doc/lxc.conf.sgml.in | 20 +++
src/lxc/conf.c | 94 +++---
src/lxc/conf.h |6 +++-
src/lxc/confile.c|5 +++
src/lxc/start.c |7 +++-
5 files changed, 124 insertions(+), 8 deletions(-)
diff --git a/doc/lxc.conf.sgml.in b/doc/lxc.conf.sgml.in
index 9edabf8..2b1a4a5 100644
--- a/doc/lxc.conf.sgml.in
+++ b/doc/lxc.conf.sgml.in
@@ -374,6 +374,26 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA
+
+
+
+ lxc.network.script.down
+
+
+
+ add a configuration option to specify a script to be
+ executed before destroying the network used from the
+ host side. The following arguments are passed to the
+ script: container name and config section name (net)
+ Additional arguments depend on the config section
+ employing a script hook; the following are used by the
+ network system: execution context (down), network type
+ (empty/veth/macvlan/phys), Depending on the network
+ type, other arguments may be passed:
+ veth/macvlan/phys. And finally (host-sided) device name.
+
+
+
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index e8088bb..1043342 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -134,6 +134,20 @@ static instanciate_cb netdev_conf[LXC_NET_MAXCONFTYPE +
1] = {
[LXC_NET_EMPTY] = instanciate_empty,
};
+static int shutdown_veth(struct lxc_handler *, struct lxc_netdev *);
+static int shutdown_macvlan(struct lxc_handler *, struct lxc_netdev *);
+static int shutdown_vlan(struct lxc_handler *, struct lxc_netdev *);
+static int shutdown_phys(struct lxc_handler *, struct lxc_netdev *);
+static int shutdown_empty(struct lxc_handler *, struct lxc_netdev *);
+
+static instanciate_cb netdev_deconf[LXC_NET_MAXCONFTYPE + 1] = {
+ [LXC_NET_VETH]= shutdown_veth,
+ [LXC_NET_MACVLAN] = shutdown_macvlan,
+ [LXC_NET_VLAN]= shutdown_vlan,
+ [LXC_NET_PHYS]= shutdown_phys,
+ [LXC_NET_EMPTY] = shutdown_empty,
+};
+
static struct mount_opt mount_opt[] = {
{ "defaults", 0, 0 },
{ "ro",0, MS_RDONLY },
@@ -1606,6 +1620,8 @@ static int instanciate_veth(struct lxc_handler *handler,
struct lxc_netdev *netd
else {
snprintf(veth1buf, sizeof(veth1buf), "vethXX");
veth1 = mktemp(veth1buf);
+ /* store away for deconf */
+ memcpy(netdev->priv.veth_attr.veth1, veth1, IFNAMSIZ);
}
snprintf(veth2buf, sizeof(veth2buf), "vethXX");
@@ -1682,6 +1698,25 @@ out_delete:
return -1;
}
+static int shutdown_veth(struct lxc_handler *handler, struct lxc_netdev
*netdev)
+{
+ char *veth1;
+ int err;
+
+ if (netdev->priv.veth_attr.pair)
+ veth1 = netdev->priv.veth_attr.pair;
+ else
+ veth1 = netdev->priv.veth_attr.veth1;
+
+ if (netdev->downscript) {
+ err = run_script(handler->name, "net", netdev->downscript,
+"down", "veth", veth1, (char*) NULL);
+ if (err)
+ return -1;
+ }
+ return 0;
+}
+
static int instanciate_macvlan(struct lxc_handler *handler, struct lxc_netdev
*netdev)
{
char peerbuf[IFNAMSIZ], *peer;
@@ -1728,6 +1763,20 @@ static int instanciate_macvlan(struct lxc_handler
*handler, struct lxc_netdev *n
return 0;
}
+static int shutdown_macvlan(struct lxc_handler *handler, struct lxc_netdev
*netdev)
+{
+ int err;
+
+ if (netdev->downscript) {
+ err = run_script(handler->name, "net", netdev->downscript,
+"down", "macvlan", netdev->link,
+(char*) NULL);
+ if (err)
+ return -1;
+ }
+ return 0;
+}
+
/* XXX: merge with instanciate_macvlan */
static int instanciate_vlan(struct lxc_handler *handler, struct lxc_netdev
*netdev)
{
@@ -1761,6 +1810,11 @@ static int instanciate_vlan(struct lxc_handler *handler,
struct lxc_netdev *netd
return 0;
}
+static int shutdown_vlan(struct lxc_handler *handler, struct lxc_netdev
*netdev)
+{
+ return 0;
+}
+
static int instanciate_phys(struct lxc_handler *handler, struct lxc_netdev
*netdev)
{
if (!netdev->link) {
@@ -1785,6 +1839,19 @@ static int instanciate_phys(struct
Re: [lxc-devel] [PATCH] lxc-wait: Add timeout option
Quoting Jan Kiszka (jan.kis...@siemens.com):
> Allow to specify a timeout for waiting on state changes via lxc-wait.
> Helpful for scripts that need to handle errors or excessive delays in
> state changing procedures.
Hi,
in our lxc-api tree
(https://code.launchpad.net/~ubuntu-lxc/ubuntu/quantal/lxc/lxc-api-and-python/)
I've added changed src/lxc/state.c:lxc_wait() to take an optional
timeout value (0 means don't wait, -1 means wait forever), and use
select, to implement wait with timeout. It is only used by our
lxc_container->wait, not by src/lxc/lxc_wait.c which in our tree
passes in -1 to wait forever. Ideally our patches would be combined.
> Signed-off-by: Jan Kiszka
> ---
> doc/lxc-wait.sgml.in | 11 +++
> src/lxc/arguments.h |1 +
> src/lxc/lxc_wait.c | 16 +++-
> 3 files changed, 27 insertions(+), 1 deletions(-)
>
> diff --git a/doc/lxc-wait.sgml.in b/doc/lxc-wait.sgml.in
> index 97a4c39..f30e0c3 100644
> --- a/doc/lxc-wait.sgml.in
> +++ b/doc/lxc-wait.sgml.in
> @@ -79,6 +79,17 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
> 02111-1307 USA
>
>
>
> +
> +
> + -t timeout
> +
> +
> +
> + Wait timeout seconds for desired state to be reached.
> +
> +
> +
> +
>
>
>
> diff --git a/src/lxc/arguments.h b/src/lxc/arguments.h
> index 40f0d6c..3c9d28f 100644
> --- a/src/lxc/arguments.h
> +++ b/src/lxc/arguments.h
> @@ -57,6 +57,7 @@ struct lxc_arguments {
>
> /* for lxc-wait */
> char *states;
> + long timeout;
>
> /* close fds from parent? */
> int close_all_fds;
> diff --git a/src/lxc/lxc_wait.c b/src/lxc/lxc_wait.c
> index a58e0c8..d7a69bc 100644
> --- a/src/lxc/lxc_wait.c
> +++ b/src/lxc/lxc_wait.c
> @@ -24,6 +24,8 @@
> #include
> #include
> #include
> +#include
> +#include
> #include
>
> #include
> @@ -46,12 +48,14 @@ static int my_parser(struct lxc_arguments* args, int c,
> char* arg)
> {
> switch (c) {
> case 's': args->states = optarg; break;
> + case 't': args->timeout = atol(optarg); break;
> }
> return 0;
> }
>
> static const struct option my_longopts[] = {
> {"state", required_argument, 0, 's'},
> + {"timeout", required_argument, 0, 't'},
> LXC_COMMON_OPTIONS
> };
>
> @@ -66,7 +70,8 @@ Options :\n\
>-n, --name=NAME NAME for name of the container\n\
>-s, --state=STATE ORed states to wait for\n\
> STOPPED, STARTING, RUNNING, STOPPING,\n\
> -ABORTING, FREEZING, FROZEN\n",
> +ABORTING, FREEZING, FROZEN\n\
> + -t, --timeout=TMO Seconds to wait for state changes\n",
> .options = my_longopts,
> .parser = my_parser,
> .checker = my_checker,
> @@ -91,6 +96,11 @@ static int fillwaitedstates(char *strstates, int *states)
> return 0;
> }
>
> +static void timeout_handler(int signal)
> +{
> + exit(-1);
> +}
> +
> int main(int argc, char *argv[])
> {
> struct lxc_msg msg;
> @@ -124,6 +134,9 @@ int main(int argc, char *argv[])
> goto out_close;
> }
>
> + signal(SIGALRM, timeout_handler);
> + alarm(my_args.timeout);
> +
> for (;;) {
> if (lxc_monitor_read(fd, &msg) < 0)
> goto out_close;
> @@ -140,6 +153,7 @@ int main(int argc, char *argv[])
> }
>
> if (s[msg.value]) {
> + alarm(0);
> ret = 0;
> goto out_close;
> }
> --
> 1.7.3.4
>
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> ___
> Lxc-devel mailing list
> Lxc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH] Add network-down script
Quoting Jan Kiszka (jan.kis...@siemens.com):
> Analogously to lxc.network.script.up, add the ability to register a down
> script. It is called before the guest network is finally destroyed,
> allowing to clean up resources that are not reset/destroyed
> automatically. Parameters of the down script are identical to the up
> script except for the execution context "down".
>
> Signed-off-by: Jan Kiszka
Acked-by: Serge E. Hallyn
> ---
> doc/lxc.conf.sgml.in | 20 +++
> src/lxc/conf.c | 94
> +++---
> src/lxc/conf.h |6 +++-
> src/lxc/confile.c|5 +++
> src/lxc/start.c |7 +++-
> 5 files changed, 124 insertions(+), 8 deletions(-)
>
> diff --git a/doc/lxc.conf.sgml.in b/doc/lxc.conf.sgml.in
> index 9edabf8..2b1a4a5 100644
> --- a/doc/lxc.conf.sgml.in
> +++ b/doc/lxc.conf.sgml.in
> @@ -374,6 +374,26 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
> 02111-1307 USA
>
>
>
> +
> +
> +
> + lxc.network.script.down
> +
> +
> +
> + add a configuration option to specify a script to be
> + executed before destroying the network used from the
> + host side. The following arguments are passed to the
> + script: container name and config section name (net)
> + Additional arguments depend on the config section
> + employing a script hook; the following are used by the
> + network system: execution context (down), network type
> + (empty/veth/macvlan/phys), Depending on the network
> + type, other arguments may be passed:
> + veth/macvlan/phys. And finally (host-sided) device name.
> +
> +
> +
>
>
>
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index e8088bb..1043342 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -134,6 +134,20 @@ static instanciate_cb netdev_conf[LXC_NET_MAXCONFTYPE +
> 1] = {
> [LXC_NET_EMPTY] = instanciate_empty,
> };
>
> +static int shutdown_veth(struct lxc_handler *, struct lxc_netdev *);
> +static int shutdown_macvlan(struct lxc_handler *, struct lxc_netdev *);
> +static int shutdown_vlan(struct lxc_handler *, struct lxc_netdev *);
> +static int shutdown_phys(struct lxc_handler *, struct lxc_netdev *);
> +static int shutdown_empty(struct lxc_handler *, struct lxc_netdev *);
> +
> +static instanciate_cb netdev_deconf[LXC_NET_MAXCONFTYPE + 1] = {
> + [LXC_NET_VETH]= shutdown_veth,
> + [LXC_NET_MACVLAN] = shutdown_macvlan,
> + [LXC_NET_VLAN]= shutdown_vlan,
> + [LXC_NET_PHYS]= shutdown_phys,
> + [LXC_NET_EMPTY] = shutdown_empty,
> +};
> +
> static struct mount_opt mount_opt[] = {
> { "defaults", 0, 0 },
> { "ro",0, MS_RDONLY },
> @@ -1606,6 +1620,8 @@ static int instanciate_veth(struct lxc_handler
> *handler, struct lxc_netdev *netd
> else {
> snprintf(veth1buf, sizeof(veth1buf), "vethXX");
> veth1 = mktemp(veth1buf);
> + /* store away for deconf */
> + memcpy(netdev->priv.veth_attr.veth1, veth1, IFNAMSIZ);
> }
>
> snprintf(veth2buf, sizeof(veth2buf), "vethXX");
> @@ -1682,6 +1698,25 @@ out_delete:
> return -1;
> }
>
> +static int shutdown_veth(struct lxc_handler *handler, struct lxc_netdev
> *netdev)
> +{
> + char *veth1;
> + int err;
> +
> + if (netdev->priv.veth_attr.pair)
> + veth1 = netdev->priv.veth_attr.pair;
> + else
> + veth1 = netdev->priv.veth_attr.veth1;
> +
> + if (netdev->downscript) {
> + err = run_script(handler->name, "net", netdev->downscript,
> + "down", "veth", veth1, (char*) NULL);
> + if (err)
> + return -1;
> + }
> + return 0;
> +}
> +
> static int instanciate_macvlan(struct lxc_handler *handler, struct
> lxc_netdev *netdev)
> {
> char peerbuf[IFNAMSIZ], *peer;
> @@ -1728,6 +1763,20 @@ static int instanciate_macvlan(struct lxc_handler
> *handler, struct lxc_netdev *n
> return 0;
> }
>
> +static int shutdown_macvlan(struct lxc_handler *handler, struct lxc_netdev
> *netdev)
> +{
> + int err;
> +
> + if (netdev->downscript) {
> + err = run_script(handler->name, "net", netdev->downscript,
> + "down", "macvlan", netdev->link,
> + (char*) NULL);
> + if (err)
> + return -1;
> + }
> + return 0;
> +}
> +
> /* XXX: merge with instanciate_macvlan */
> static int instanciate_vlan(struct lxc_handler *handler, struct lxc_netdev
> *netdev)
> {
> @@ -1761,6 +1810,11 @@ static int instanciate_vlan(struct lxc_handler
> *handler, struct lxc_netdev *netd
> return 0;
> }
>
> +static int shutdown_vlan(struct lxc_handler *handle
Re: [lxc-devel] [PATCH] lxc-wait: Add timeout option
On 2012-07-09 19:28, Serge Hallyn wrote: > Quoting Jan Kiszka (jan.kis...@siemens.com): >> Allow to specify a timeout for waiting on state changes via lxc-wait. >> Helpful for scripts that need to handle errors or excessive delays in >> state changing procedures. > > Hi, > > in our lxc-api tree > (https://code.launchpad.net/~ubuntu-lxc/ubuntu/quantal/lxc/lxc-api-and-python/) > I've added changed src/lxc/state.c:lxc_wait() to take an optional > timeout value (0 means don't wait, -1 means wait forever), and use > select, to implement wait with timeout. It is only used by our > lxc_container->wait, not by src/lxc/lxc_wait.c which in our tree > passes in -1 to wait forever. Ideally our patches would be combined. No problem, I can base mine on top of yours. Did you post it already? Jan -- Siemens AG, Corporate Technology, CT RTC ITP SDP-DE Corporate Competence Center Embedded Linux -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] lxc test suite?
Hi. Are there regression tests available to verify lxc? Have googled, poked around in the source forge project pages, but so far am not seeing anything. Thanks, Stuart -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH] lxc-wait: Add timeout option
Quoting Jan Kiszka (jan.kis...@siemens.com): > On 2012-07-09 19:28, Serge Hallyn wrote: > > Quoting Jan Kiszka (jan.kis...@siemens.com): > >> Allow to specify a timeout for waiting on state changes via lxc-wait. > >> Helpful for scripts that need to handle errors or excessive delays in > >> state changing procedures. > > > > Hi, > > > > in our lxc-api tree > > (https://code.launchpad.net/~ubuntu-lxc/ubuntu/quantal/lxc/lxc-api-and-python/) > > I've added changed src/lxc/state.c:lxc_wait() to take an optional > > timeout value (0 means don't wait, -1 means wait forever), and use > > select, to implement wait with timeout. It is only used by our > > lxc_container->wait, not by src/lxc/lxc_wait.c which in our tree > > passes in -1 to wait forever. Ideally our patches would be combined. > > No problem, I can base mine on top of yours. Did you post it already? No I hadn't posted mine yet. Until the API goes in it didn't have a user... Sorry, I think I was being silly. Let's ignore what I said before. Let's push your patch for now and I'll just have yours use mine if/when mine goes up. Acked-by: Serge E. Hallyn thanks, -serge -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] lxc test suite?
Quoting Stuart Yoder (b08...@gmail.com): > Hi. Are there regression tests available to verify lxc? Have > googled, poked around in the source forge project pages, but so far am > not seeing anything. 1. at https://code.launchpad.net/~serge-hallyn/+junk/lxc-test I have a high level test suite that I run against the ubuntu package before uploads. 2. In the lxc api branch which Stéphane and I are working on (https://code.launchpad.net/~ubuntu-lxc/ubuntu/quantal/lxc/lxc-api-and-python/), there are the start of some test cases (mainly for the api so far) under src/tests/. -serge -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] Problem when using same vlan.id for multiple vlan interfaces
Quoting Axel Neumann (neum...@cgws.de):
> Hello,
>
> First, thanks a lot for your good work!
> We are using LXC in the CONFINE project (confine-project.eu) to provide
> researchers with a virtualized linux evironment in a distributed testbed.
>
> We found a problem when a container config looks like this (uses the
> same vlan id for several type=vlan container interfaces):
>
> lxc.network.type = vlan
> lxc.network.flags = up
> lxc.network.link = eth1
> lxc.network.vlan.id = 3842
> lxc.network.name = iso0
>
> lxc.network.type = vlan
> lxc.network.flags = up
> lxc.network.link = eth2
> lxc.network.vlan.id = 3842
> lxc.network.name = iso1
>
> Then, during the instantiation of the vlan interfaces an error occurs
> because the lxc code tries to assign the same name to both of them
> before it is bound into the container.
>
> Maybe you can have a look at the following patch which solves the problem
> (see also here:
> https://github.com/axn/lxc/commit/32fb8a007a95ad4beb9d9d7dade032a50f5da0db
> )
> and consider this or an alternative solution for your 0.8.0 branch.
>
> Thanks a lot
> /axel
Acked-by: Serge E. Hallyn
Looks reasonable. Thanks
>
> neumann@sid:/usr/src/lxc/lxc.git$ git diff HEAD^
> diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> index e8088bb..4f21464 100644
> --- a/src/lxc/conf.c
> +++ b/src/lxc/conf.c
> @@ -1733,13 +1733,14 @@ static int instanciate_vlan(struct lxc_handler
> *handler, struct lxc_netdev *netd
> {
> char peer[IFNAMSIZ];
> int err;
> +static uint16_t vlan_cntr = 0;
>
> if (!netdev->link) {
> ERROR("no link specified for vlan netdev");
> return -1;
> - }
> +}
>
> - snprintf(peer, sizeof(peer), "vlan%d", netdev->priv.vlan_attr.vid);
> +snprintf(peer, sizeof (peer), "vlan%d-%d",
> netdev->priv.vlan_attr.vid, vlan_cntr++);
>
> err = lxc_vlan_create(netdev->link, peer,
> netdev->priv.vlan_attr.vid);
> if (err) {
>
>
>
>
>
>
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> ___
> Lxc-devel mailing list
> Lxc-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
