// createBridge creates the bridge device name, assigns it the address and
// prefix parsed from the CIDR string network, brings the link up, enables IPv4
// forwarding and calls setupIPTables for name and natIface. It returns a
// Bridge whose allocator has been asked to reserve the bridge's own address.
//
// The steps run in a fixed order and the first failure is returned unchanged.
// Nothing is rolled back on failure: a bridge created by an earlier step is
// left on the host. Writing "1" to /proc/sys/net/ipv4/ip_forward turns on the
// host-wide forwarding sysctl, so which traffic is actually forwarded depends
// on the rules setupIPTables installs (not visible in this block).
func createBridge(name, network, natIface string) (*Bridge, error) {
	addr, subnet, err := net.ParseCIDR(network)
	if err != nil {
		return nil, err
	}
	if err = netlink.CreateBridge(name, true); err != nil {
		return nil, err
	}
	link, err := net.InterfaceByName(name)
	if err != nil {
		return nil, err
	}

	// We need to explicitly assign the MAC address to avoid it changing to a lower value
	// See: https://github.com/flynn/flynn/issues/223
	//
	// The leading 0xfe octet has the locally-administered bit set and the
	// multicast bit clear; the remaining five octets come from random.Bytes.
	suffix := random.Bytes(5)
	hwAddr := fmt.Sprintf("fe:%02x:%02x:%02x:%02x:%02x", suffix[0], suffix[1], suffix[2], suffix[3], suffix[4])

	// Remaining configuration, executed strictly in this order.
	steps := []func() error{
		func() error { return netlink.NetworkSetMacAddress(link, hwAddr) },
		func() error { return netlink.NetworkLinkAddIp(link, addr, subnet) },
		func() error { return netlink.NetworkLinkUp(link) },
		func() error {
			return ioutil.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte("1\n"), 0644)
		},
		func() error { return setupIPTables(name, natIface) },
	}
	for _, step := range steps {
		if err := step(); err != nil {
			return nil, err
		}
	}

	br := &Bridge{
		name:   name,
		iface:  link,
		ipAddr: addr,
		ipNet:  subnet,
		alloc:  ipallocator.New(),
	}
	// NOTE(review): whatever RequestIP returns is discarded. If it can fail,
	// the bridge address would stay unreserved in the allocator; confirm
	// against the ipallocator package.
	br.alloc.RequestIP(subnet, addr)
	return br, nil
}
// NewLibvirtLXCBackend opens a libvirt connection to "lxc:///", builds a
// pinkerton context using the "aufs" driver rooted at imageRoot, creates one
// cgroup partition per entry of partitionCGroups and returns a
// LibvirtLXCBackend wired to the supplied state, volume manager, log mux and
// logger.
//
// initPath, umountPath and bridgeName are stored exactly as given; no
// validation happens here, so callers must pass trusted values. The first
// error from any step is returned unchanged.
//
// NOTE(review): the libvirt connection opened first is not closed on the later
// error paths (BuildContext or createCGroupPartition failing).
func NewLibvirtLXCBackend(state *State, vman *volumemanager.Manager, bridgeName, initPath, umountPath string, mux *logmux.Mux, partitionCGroups map[string]int64, logger log15.Logger) (Backend, error) {
	conn, err := libvirt.NewVirConnection("lxc:///")
	if err != nil {
		return nil, err
	}

	imgCtx, err := pinkerton.BuildContext("aufs", imageRoot)
	if err != nil {
		return nil, err
	}

	// Map iteration order is unspecified, so partitions are created in no
	// particular order and a failure may leave some of them already created.
	for partition, shares := range partitionCGroups {
		err = createCGroupPartition(partition, shares)
		if err != nil {
			return nil, err
		}
	}

	backend := &LibvirtLXCBackend{
		InitPath:            initPath,
		UmountPath:          umountPath,
		libvirt:             conn,
		state:               state,
		vman:                vman,
		pinkerton:           imgCtx,
		logStreams:          make(map[string]map[string]*logmux.LogStream),
		containers:          make(map[string]*libvirtContainer),
		defaultEnv:          make(map[string]string),
		resolvConf:          "/etc/resolv.conf",
		mux:                 mux,
		ipalloc:             ipallocator.New(),
		bridgeName:          bridgeName,
		discoverdConfigured: make(chan struct{}),
		networkConfigured:   make(chan struct{}),
		partitionCGroups:    partitionCGroups,
		logger:              logger,
	}
	return backend, nil
}