diff options
author | Hiroyuki Ishii <ishii.hiroyuki002@jp.panasonic.com> | 2022-07-14 16:23:37 +0900 |
---|---|---|
committer | Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2022-07-25 17:05:23 +0000 |
commit | f206eab5753bd9ee2d5b1126c6ec5a18e75cac89 (patch) | |
tree | 77878be5d00f35abc4490a4d34472ab492bf531b | |
parent | 50f6b56d091d5d5a6c37910a0470f62bf5f72776 (diff) |
agl-lxc: Enable network bridge via lxc-net
On lxc-host-image-demo, network (physical ethernet) is statically
assigned to the ivi-guest space currently. This may be a bit
problematic since the other guests and also host can't use network
for some future usecases, for example we can't login to host by
ssh. This change enables network bridge settings via lxc-net to
solve this problem.
Bug-AGL: SPEC-4475
Signed-off-by: Hiroyuki Ishii <ishii.hiroyuki002@jp.panasonic.com>
Change-Id: Ic1a39b64de932f67b7be833d469ef1a80e0c52c9
7 files changed, 49 insertions, 9 deletions
diff --git a/meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in b/meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in index 5af82a2b..6545b1ad 100644 --- a/meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in +++ b/meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in @@ -1,4 +1,5 @@ # lxc network setting -lxc.net.0.type = phys -lxc.net.0.link = eth0 - +lxc.net.0.type = veth +lxc.net.0.link = lxcbr0 +lxc.net.0.flags = up +lxc.net.0.hwaddr = 00:16:3e:69:87:a4 diff --git a/meta-agl-lxc/recipes-container/lxc/files/lxc-net.service b/meta-agl-lxc/recipes-container/lxc/files/lxc-net.service new file mode 100644 index 00000000..1b6e8451 --- /dev/null +++ b/meta-agl-lxc/recipes-container/lxc/files/lxc-net.service @@ -0,0 +1,15 @@ +[Unit] +Description=LXC network bridge setup +After=network-online.target systemd-resolved.service +Before=lxc.service +Documentation=man:lxc +ConditionVirtualization=!lxc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@LIBEXECDIR@/lxc/lxc-net start +ExecStop=@LIBEXECDIR@/lxc/lxc-net stop + +[Install] +WantedBy=multi-user.target diff --git a/meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend b/meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend index b8456f7f..75ab98c0 100644 --- a/meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend +++ b/meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend @@ -4,11 +4,16 @@ SYSTEMD_AUTO_ENABLE:${PN} = "enable" FILESEXTRAPATHS:prepend := "${THISDIR}/files:" -SRC_URI += "file://lxc.service" +SRC_URI += " \ + file://lxc.service \ + file://lxc-net.service \ + " do_install:append () { - install -D -m 0644 ${WORKDIR}/lxc.service ${D}${systemd_system_unitdir}/lxc.service - sed -i -e 's,@LIBEXECDIR@,${libexecdir},g' ${D}${systemd_system_unitdir}/lxc.service + for service in lxc.service lxc-net.service; do + install -D -m 0644 ${WORKDIR}/$service ${D}${systemd_system_unitdir}/$service + sed -i -e 's,@LIBEXECDIR@,${libexecdir},g' ${D}${systemd_system_unitdir}/$service + done } # NOTE: diff --git a/meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service b/meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service index 4dcba06b..b49609e0 100644 --- a/meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service +++ b/meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service @@ -1,7 +1,7 @@ [Unit] Description=mominavi -After=multi-user.target weston.service -Requires=multi-user.target weston.service +After=multi-user.target weston.service network-online.target +Requires=multi-user.target weston.service network-online.target [Service] Type=simple diff --git a/meta-agl-lxc/recipes-kernel/linux/linux/lxc-net.cfg b/meta-agl-lxc/recipes-kernel/linux/linux/lxc-net.cfg new file mode 100644 index 00000000..e9bd7b80 --- /dev/null +++ b/meta-agl-lxc/recipes-kernel/linux/linux/lxc-net.cfg @@ -0,0 +1,5 @@ +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_IP_NF_FILTER=m +CONFIG_NF_NAT=m +CONFIG_NF_CONNTRACK=y diff --git a/meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc b/meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc index 327beb18..87e1edc5 100644 --- a/meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc +++ b/meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc @@ -3,7 +3,8 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/linux:" # Disable all other AGL provided kernel configuration (barring # base BSP provided configuration), and just enable a locally # provided fragment with minimal LXC required configuration. -AGL_KCONFIG_FRAGMENTS = "lxc.cfg" +AGL_KCONFIG_FRAGMENTS += "lxc.cfg " +AGL_KCONFIG_FRAGMENTS += "lxc-net.cfg " diff --git a/meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb b/meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb index 0be9c591..c7424f57 100644 --- a/meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb +++ b/meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb @@ -15,4 +15,17 @@ IMAGE_INSTALL += " \ wireplumber-config-agl \ " +# packages required for network bridge settings via lxc-net +IMAGE_INSTALL += " \ + lxc-networking \ + iptables-modules \ + dnsmasq \ + systemd-netif-config \ + kernel-module-xt-addrtype \ + kernel-module-xt-multiport \ +" + +# network manager to use +VIRTUAL-RUNTIME_net_manager = "systemd" + IMAGE_INSTALL:append:rcar-gen3 = " kernel-module-gles " |