xos/synchronizer/templates/start-container.sh.j2 - openstack - Gitiles


 {#
 Copyright 2017-present Open Networking Foundation

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

 http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 #}


 #!/bin/bash

 iptables -L > /dev/null
 ip6tables -L > /dev/null

 CONTAINER={{ container_name }}
 IMAGE={{ docker_image }}

 function mac_to_iface {
     PARENT_MAC=$1
     ifconfig|grep $PARENT_MAC| awk '{print $1}'|grep -v '\.'
 }

 function encapsulate_stag {
     LAN_IFACE=$1
     STAG=$2
     ifconfig $LAN_IFACE >> /dev/null
     if [ "$?" == 0 ]; then
         STAG_IFACE=$LAN_IFACE.$STAG
         ifconfig $LAN_IFACE up
         ifconfig $STAG_IFACE
         if [ "$?" == 0 ]; then
             echo $STAG_IFACE is already created
         else
             ifconfig $STAG_IFACE >> /dev/null || ip link add link $LAN_IFACE name $STAG_IFACE type vlan id $STAG
         fi
             ifconfig $STAG_IFACE up
     else
         echo There is no $LAN_IFACE. Aborting.
         exit -1
     fi
 }


 {% if volumes %}
 {% for volume in volumes %}
 DEST_DIR=/var/container_volumes/$CONTAINER/{{ volume }}
 mkdir -p $DEST_DIR
 VOLUME_ARGS="$VOLUME_ARGS -v $DEST_DIR:{{ volume }}"
 {% endfor %}
 {% endif %}

 docker inspect $CONTAINER > /dev/null 2>&1
 if [ "$?" == 1 ]
 then
     docker pull $IMAGE
 {% if network_method=="host" %}
     docker run -d --name=$CONTAINER --privileged=true --net=host $VOLUME_ARGS $IMAGE
 {% elif network_method=="bridged" %}
     docker run -d --name=$CONTAINER --privileged=true --net=bridge $VOLUME_ARGS $IMAGE
 {% else %}
     docker run -d --name=$CONTAINER --privileged=true --net=none $VOLUME_ARGS $IMAGE
 {% endif %}
 else
     docker start $CONTAINER
 fi

 {% if ports %}
 {% for port in ports %}

 {% if port.next_hop %}
 NEXTHOP_ARG="@{{ port.next_hop }}"
 {% else %}
 NEXTHOP_ARG=""
 {% endif %}

 {% if port.c_tag %}
 CTAG_ARG="@{{ port.c_tag }}"
 {% else %}
 CTAG_ARG=""
 {% endif %}

 {% if port.parent_mac %}
 # container-in-VM
 SRC_DEV=$( mac_to_iface "{{ port.parent_mac }}" )
 CMD="docker exec $CONTAINER ifconfig $SRC_DEV >> /dev/null || pipework $SRC_DEV -i {{ port.device }} $CONTAINER {{ port.ip }}/24$NEXTHOP_ARG {{ port.mac }} $CTAG_ARG"
 echo $CMD
 eval $CMD

 {% else %}
 # container-on-metal
 IP="{{ port.ip }}"
 {% if port.mac %}
 MAC="{{ port.mac }}"
 {% else %}
 MAC=""
 {% endif %}

 DEVICE="{{ port.device }}"
 BRIDGE="{{ port.bridge }}"
 {% if port.s_tag %}
 # This is intended for lan_network. Assume that BRIDGE is set to br_lan. We
 # create a device that strips off the S-TAG.
 STAG="{{ port.s_tag }}"
 encapsulate_stag $BRIDGE $STAG
 SRC_DEV=$STAG_IFACE
 {% else %}
 # This is for a standard neutron private network. We use a donor VM to setup
 # openvswitch for us, and we snoop at its devices and create a tap using the
 # same settings.
 XOS_NETWORK_ID="{{ port.xos_network_id }}"
 INSTANCE_MAC="{{ port.snoop_instance_mac }}"
 INSTANCE_ID="{{ port.snoop_instance_id }}"
 INSTANCE_TAP=`virsh domiflist $INSTANCE_ID | grep -i $INSTANCE_MAC | awk '{print $1}'`
 INSTANCE_TAP=${INSTANCE_TAP:3}
 VLAN_ID=`ovs-vsctl show | grep -i -A 1 port.*$INSTANCE_TAP | grep -i tag | awk '{print $2}'`
 # One tap for all containers per XOS/neutron network. Included the VLAN_ID in the
 # hash, to cover the case where XOS is reinstalled and the XOS network ids
 # get reused.
 TAP="con`echo ${XOS_NETWORK_ID}_$VLAN_ID|md5sum|awk '{print $1}'`"
 TAP=${TAP:0:10}
 echo im=$INSTANCE_MAC ii=$INSTANCE_ID it=$INSTANCE_TAP vlan=$VLAN_ID tap=$TAP con=$CONTAINER dev=$DEVICE mac=$MAC
 ovs-vsctl show | grep -i $TAP
 if [[ $? == 1 ]]; then
     echo creating tap
     ovs-vsctl add-port $BRIDGE $TAP tag=$VLAN_ID -- set interface $TAP type=internal
 else
     echo tap exists
 fi
 SRC_DEV=$TAP
 {% endif %}

 CMD="docker exec $CONTAINER ifconfig $DEVICE >> /dev/null || pipework $SRC_DEV -i $DEVICE $CONTAINER $IP/24$NEXTHOP_ARG $MAC $CTAG_ARG"
 echo $CMD
 eval $CMD
 {% endif %}
 {% endfor %}
 {% endif %}

 # Attach to container
 # (this is only done when using upstart, since upstart expects to be attached
 #  to a running service)
 if [[ "$1" == "ATTACH" ]]; then
     docker start -a $CONTAINER
 fi

	{#
	Copyright 2017-present Open Networking Foundation

	Licensed under the Apache License, Version 2.0 (the "License");
	you may not use this file except in compliance with the License.
	You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	#}


	#!/bin/bash

	iptables -L > /dev/null
	ip6tables -L > /dev/null

	CONTAINER={{ container_name }}
	IMAGE={{ docker_image }}

	function mac_to_iface {
	PARENT_MAC=$1
	ifconfig\|grep $PARENT_MAC\| awk '{print $1}'\|grep -v '\.'
	}

	function encapsulate_stag {
	LAN_IFACE=$1
	STAG=$2
	ifconfig $LAN_IFACE >> /dev/null
	if [ "$?" == 0 ]; then
	STAG_IFACE=$LAN_IFACE.$STAG
	ifconfig $LAN_IFACE up
	ifconfig $STAG_IFACE
	if [ "$?" == 0 ]; then
	echo $STAG_IFACE is already created
	else
	ifconfig $STAG_IFACE >> /dev/null \|\| ip link add link $LAN_IFACE name $STAG_IFACE type vlan id $STAG
	fi
	ifconfig $STAG_IFACE up
	else
	echo There is no $LAN_IFACE. Aborting.
	exit -1
	fi
	}


	{% if volumes %}
	{% for volume in volumes %}
	DEST_DIR=/var/container_volumes/$CONTAINER/{{ volume }}
	mkdir -p $DEST_DIR
	VOLUME_ARGS="$VOLUME_ARGS -v $DEST_DIR:{{ volume }}"
	{% endfor %}
	{% endif %}

	docker inspect $CONTAINER > /dev/null 2>&1
	if [ "$?" == 1 ]
	then
	docker pull $IMAGE
	{% if network_method=="host" %}
	docker run -d --name=$CONTAINER --privileged=true --net=host $VOLUME_ARGS $IMAGE
	{% elif network_method=="bridged" %}
	docker run -d --name=$CONTAINER --privileged=true --net=bridge $VOLUME_ARGS $IMAGE
	{% else %}
	docker run -d --name=$CONTAINER --privileged=true --net=none $VOLUME_ARGS $IMAGE
	{% endif %}
	else
	docker start $CONTAINER
	fi

	{% if ports %}
	{% for port in ports %}

	{% if port.next_hop %}
	NEXTHOP_ARG="@{{ port.next_hop }}"
	{% else %}
	NEXTHOP_ARG=""
	{% endif %}

	{% if port.c_tag %}
	CTAG_ARG="@{{ port.c_tag }}"
	{% else %}
	CTAG_ARG=""
	{% endif %}

	{% if port.parent_mac %}
	# container-in-VM
	SRC_DEV=$( mac_to_iface "{{ port.parent_mac }}" )
	CMD="docker exec $CONTAINER ifconfig $SRC_DEV >> /dev/null \|\| pipework $SRC_DEV -i {{ port.device }} $CONTAINER {{ port.ip }}/24$NEXTHOP_ARG {{ port.mac }} $CTAG_ARG"
	echo $CMD
	eval $CMD

	{% else %}
	# container-on-metal
	IP="{{ port.ip }}"
	{% if port.mac %}
	MAC="{{ port.mac }}"
	{% else %}
	MAC=""
	{% endif %}

	DEVICE="{{ port.device }}"
	BRIDGE="{{ port.bridge }}"
	{% if port.s_tag %}
	# This is intended for lan_network. Assume that BRIDGE is set to br_lan. We
	# create a device that strips off the S-TAG.
	STAG="{{ port.s_tag }}"
	encapsulate_stag $BRIDGE $STAG
	SRC_DEV=$STAG_IFACE
	{% else %}
	# This is for a standard neutron private network. We use a donor VM to setup
	# openvswitch for us, and we snoop at its devices and create a tap using the
	# same settings.
	XOS_NETWORK_ID="{{ port.xos_network_id }}"
	INSTANCE_MAC="{{ port.snoop_instance_mac }}"
	INSTANCE_ID="{{ port.snoop_instance_id }}"
	INSTANCE_TAP=`virsh domiflist $INSTANCE_ID \| grep -i $INSTANCE_MAC \| awk '{print $1}'`
	INSTANCE_TAP=${INSTANCE_TAP:3}
	VLAN_ID=`ovs-vsctl show \| grep -i -A 1 port.*$INSTANCE_TAP \| grep -i tag \| awk '{print $2}'`
	# One tap for all containers per XOS/neutron network. Included the VLAN_ID in the
	# hash, to cover the case where XOS is reinstalled and the XOS network ids
	# get reused.
	TAP="con`echo ${XOS_NETWORK_ID}_$VLAN_ID\|md5sum\|awk '{print $1}'`"
	TAP=${TAP:0:10}
	echo im=$INSTANCE_MAC ii=$INSTANCE_ID it=$INSTANCE_TAP vlan=$VLAN_ID tap=$TAP con=$CONTAINER dev=$DEVICE mac=$MAC
	ovs-vsctl show \| grep -i $TAP
	if [[ $? == 1 ]]; then
	echo creating tap
	ovs-vsctl add-port $BRIDGE $TAP tag=$VLAN_ID -- set interface $TAP type=internal
	else
	echo tap exists
	fi
	SRC_DEV=$TAP
	{% endif %}

	CMD="docker exec $CONTAINER ifconfig $DEVICE >> /dev/null \|\| pipework $SRC_DEV -i $DEVICE $CONTAINER $IP/24$NEXTHOP_ARG $MAC $CTAG_ARG"
	echo $CMD
	eval $CMD
	{% endif %}
	{% endfor %}
	{% endif %}

	# Attach to container
	# (this is only done when using upstart, since upstart expects to be attached
	# to a running service)
	if [[ "$1" == "ATTACH" ]]; then
	docker start -a $CONTAINER
	fi