summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHiroyuki Ishii <ishii.hiroyuki002@jp.panasonic.com>2022-07-14 16:23:37 +0900
committerJan-Simon Moeller <jsmoeller@linuxfoundation.org>2022-07-25 17:05:23 +0000
commitf206eab5753bd9ee2d5b1126c6ec5a18e75cac89 (patch)
tree77878be5d00f35abc4490a4d34472ab492bf531b
parent50f6b56d091d5d5a6c37910a0470f62bf5f72776 (diff)
agl-lxc: Enable network bridge via lxc-net
On lxc-host-image-demo, network (physical ethernet) is statically assigned to the ivi-guest space currently. This may be a bit problematic since the other guests and also host can't use network for some future usecases, for example we can't login to host by ssh. This change enables network bridge settings via lxc-net to solve this problem. Bug-AGL: SPEC-4475 Signed-off-by: Hiroyuki Ishii <ishii.hiroyuki002@jp.panasonic.com> Change-Id: Ic1a39b64de932f67b7be833d469ef1a80e0c52c9
Diffstat
-rw-r--r--meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in7
-rw-r--r--meta-agl-lxc/recipes-container/lxc/files/lxc-net.service15
-rw-r--r--meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend11
-rw-r--r--meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service4
-rw-r--r--meta-agl-lxc/recipes-kernel/linux/linux/lxc-net.cfg5
-rw-r--r--meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc3
-rw-r--r--meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb13
7 files changed, 49 insertions, 9 deletions
diff --git a/meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in b/meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in
index 5af82a2b..6545b1ad 100644
--- a/meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in
+++ b/meta-agl-lxc/dynamic-layers/meta-rcar-gen3/recipes-container/lxc-config/lxc-config-ivi-demo/network.in
@@ -1,4 +1,5 @@
# lxc network setting
-lxc.net.0.type = phys
-lxc.net.0.link = eth0
-
+lxc.net.0.type = veth
+lxc.net.0.link = lxcbr0
+lxc.net.0.flags = up
+lxc.net.0.hwaddr = 00:16:3e:69:87:a4
diff --git a/meta-agl-lxc/recipes-container/lxc/files/lxc-net.service b/meta-agl-lxc/recipes-container/lxc/files/lxc-net.service
new file mode 100644
index 00000000..1b6e8451
--- /dev/null
+++ b/meta-agl-lxc/recipes-container/lxc/files/lxc-net.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=LXC network bridge setup
+After=network-online.target systemd-resolved.service
+Before=lxc.service
+Documentation=man:lxc
+ConditionVirtualization=!lxc
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=@LIBEXECDIR@/lxc/lxc-net start
+ExecStop=@LIBEXECDIR@/lxc/lxc-net stop
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend b/meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend
index b8456f7f..75ab98c0 100644
--- a/meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend
+++ b/meta-agl-lxc/recipes-container/lxc/lxc_%.bbappend
@@ -4,11 +4,16 @@ SYSTEMD_AUTO_ENABLE:${PN} = "enable"
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
-SRC_URI += "file://lxc.service"
+SRC_URI += " \
+ file://lxc.service \
+ file://lxc-net.service \
+ "
do_install:append () {
- install -D -m 0644 ${WORKDIR}/lxc.service ${D}${systemd_system_unitdir}/lxc.service
- sed -i -e 's,@LIBEXECDIR@,${libexecdir},g' ${D}${systemd_system_unitdir}/lxc.service
+ for service in lxc.service lxc-net.service; do
+ install -D -m 0644 ${WORKDIR}/$service ${D}${systemd_system_unitdir}/$service
+ sed -i -e 's,@LIBEXECDIR@,${libexecdir},g' ${D}${systemd_system_unitdir}/$service
+ done
}
# NOTE:
diff --git a/meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service b/meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service
index 4dcba06b..b49609e0 100644
--- a/meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service
+++ b/meta-agl-lxc/recipes-demo/mominavi/mominavi/mominavi.service
@@ -1,7 +1,7 @@
[Unit]
Description=mominavi
-After=multi-user.target weston.service
-Requires=multi-user.target weston.service
+After=multi-user.target weston.service network-online.target
+Requires=multi-user.target weston.service network-online.target
[Service]
Type=simple
diff --git a/meta-agl-lxc/recipes-kernel/linux/linux/lxc-net.cfg b/meta-agl-lxc/recipes-kernel/linux/linux/lxc-net.cfg
new file mode 100644
index 00000000..e9bd7b80
--- /dev/null
+++ b/meta-agl-lxc/recipes-kernel/linux/linux/lxc-net.cfg
@@ -0,0 +1,5 @@
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
+CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
+CONFIG_IP_NF_FILTER=m
+CONFIG_NF_NAT=m
+CONFIG_NF_CONNTRACK=y
diff --git a/meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc b/meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc
index 327beb18..87e1edc5 100644
--- a/meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc
+++ b/meta-agl-lxc/recipes-kernel/linux/linux_lxc.inc
@@ -3,7 +3,8 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/linux:"
# Disable all other AGL provided kernel configuration (barring
# base BSP provided configuration), and just enable a locally
# provided fragment with minimal LXC required configuration.
-AGL_KCONFIG_FRAGMENTS = "lxc.cfg"
+AGL_KCONFIG_FRAGMENTS += "lxc.cfg "
+AGL_KCONFIG_FRAGMENTS += "lxc-net.cfg "
diff --git a/meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb b/meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb
index 0be9c591..c7424f57 100644
--- a/meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb
+++ b/meta-agl-lxc/recipes-platform/images/lxc-host-image-demo.bb
@@ -15,4 +15,17 @@ IMAGE_INSTALL += " \
wireplumber-config-agl \
"
+# packages required for network bridge settings via lxc-net
+IMAGE_INSTALL += " \
+ lxc-networking \
+ iptables-modules \
+ dnsmasq \
+ systemd-netif-config \
+ kernel-module-xt-addrtype \
+ kernel-module-xt-multiport \
+"
+
+# network manager to use
+VIRTUAL-RUNTIME_net_manager = "systemd"
+
IMAGE_INSTALL:append:rcar-gen3 = " kernel-module-gles "