[libvirt] [PATCH v2 2/2] lxc: don't forbid <interface type='direct'>

Ján Tomko jtomko at redhat.com
Fri Dec 7 09:37:22 UTC 2018

On Thu, Dec 06, 2018 at 10:58:23AM -0500, Laine Stump wrote:
>Commit 017dfa27d changed a few switch statements in the LXC code to
>have all possible enum values, and in the process changed the switch
>statement in virLXCControllerGetNICIndexes() to return an error status
>for unsupported interface types, but it erroneously put type='direct'
>on the list of unsupported types.
>type='direct' (implemented with a macvlan interface) is supported on
>LXC, but it's interface shouldn't be placed on the list of interfaces
>given to CreateMachineWithNetwork() because the interface is put
>inside the container, while CreateMachineWithNetwork() only wants to
>know about the parent veths of veth pairs (the parent veth remains on
>the host side, while the child veth is put into the container).
>Resolves: https://bugzilla.redhat.com/1656463
>Signed-off-by: Laine Stump <laine at laine.org>
> src/lxc/lxc_controller.c | 14 +++++++++++++-
> 1 file changed, 13 insertions(+), 1 deletion(-)
>diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
>index 07342cbc77..cff004a034 100644
>--- a/src/lxc/lxc_controller.c
>+++ b/src/lxc/lxc_controller.c
>@@ -364,6 +364,16 @@ static int virLXCControllerGetNICIndexes(virLXCControllerPtr ctrl)
>     size_t i;
>     int ret = -1;
>+    /* Gather the ifindexes of the "parent" veths for all interfaces
>+     * implemented with a veth pair. These will be used when calling
>+     * virCgroupNewMachine (and eventually the dbus method
>+     * CreateMachineWithNetwork). ifindexes for the child veths, and
>+     * for macvlan interfaces, *should not* be in this list, as they
>+     * will be moved into the container. Only the interfaces that will
>+     * remain outside the container, but are used for communication
>+     * with the container, should be added to the list.
>+     */
>     VIR_DEBUG("Getting nic indexes");
>     for (i = 0; i < ctrl->def->nnets; i++) {
>         int nicindex = -1;
>@@ -388,6 +398,9 @@ static int virLXCControllerGetNICIndexes(virLXCControllerPtr ctrl)
>             ctrl->nicindexes[ctrl->nnicindexes-1] = nicindex;
>             break;
>+           break;
>         case VIR_DOMAIN_NET_TYPE_USER:
>@@ -395,7 +408,6 @@ static int virLXCControllerGetNICIndexes(virLXCControllerPtr ctrl)
>         case VIR_DOMAIN_NET_TYPE_UDP:
>             virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>                            _("Unsupported net type %s"),

Technically, from the point of view of this function whether the net
type is supported or not does not matter (qemuBuildInterfaceCommandLine
uses 'break;' for all the other networks.

But any effort spent on this function would be better spent on removing
the QEMU/LXC duplication and not bothering calling it on non-systemd
systems, so:

Reviewed-by: Ján Tomko <jtomko at redhat.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20181207/e5ffacde/attachment-0001.sig>

More information about the libvir-list mailing list