{"id":14276,"date":"2024-08-08T18:21:12","date_gmt":"2024-08-08T10:21:12","guid":{"rendered":"http:\/\/xinyiworld.top\/wordpress_it\/?p=14276"},"modified":"2024-08-16T16:25:14","modified_gmt":"2024-08-16T08:25:14","slug":"lxc4-0-0%e6%ba%90%e7%a0%81%e5%88%86%e6%9e%90%e5%ae%b9%e5%99%a8lxc_setup%e4%b9%8b%e7%bd%91%e7%bb%9c","status":"publish","type":"post","link":"http:\/\/xinyiworld.top\/wordpress_it\/?p=14276","title":{"rendered":"lxc4.0.0\u6e90\u7801\u5206\u6790(\u5bb9\u5668lxc_setup\u4e4b\u7f51\u7edc)"},"content":{"rendered":"<p>\u5927\u81f4\u7684\u6d41\u7a0b\u662f\u5728\u5bbf\u4e3b\u8fdb\u7a0b\u4e2d\u521b\u5efa\u7f51\u5361\uff0c\u7136\u540e\u79fb\u52a8\u5230\u5bb9\u5668\u8fdb\u7a0b\u7684\u7f51\u7edc\u547d\u540d\u7a7a\u95f4\uff0c\u6700\u540e\u5728\u5bb9\u5668\u8fdb\u7a0b\u7684\u7f51\u7edc\u547d\u540d\u7a7a\u95f4\u8bbe\u7f6e\u7f51\u5361\u7684\u5404\u79cd\u53c2\u6570\u5982mac\u3001ip\u3001gateway\u7b49\u3002<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_16 counter-hierarchy counter-decimal ez-toc-grey\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\">\u76ee\u5f55<\/p>\n<span class=\"ez-toc-title-toggle\"><a class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" style=\"display: none;\"><i class=\"ez-toc-glyphicon ez-toc-icon-toggle\"><\/i><\/a><\/span><\/div>\n<nav><ul class=\"ez-toc-list ez-toc-list-level-1\"><li class=\"ez-toc-page-1 ez-toc-heading-level-1\"><a class=\"ez-toc-link ez-toc-heading-1\" href=\"http:\/\/xinyiworld.top\/wordpress_it\/?p=14276\/#%E4%B8%80%E3%80%81%E5%AE%BF%E4%B8%BB%E8%BF%9B%E7%A8%8B\" title=\"\u4e00\u3001\u5bbf\u4e3b\u8fdb\u7a0b\">\u4e00\u3001\u5bbf\u4e3b\u8fdb\u7a0b<\/a><ul class=\"ez-toc-list-level-2\"><li class=\"ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-2\" href=\"http:\/\/xinyiworld.top\/wordpress_it\/?p=14276\/#lxc_netns_set_nsid%E5%87%BD%E6%95%B0\" title=\"lxc_netns_set_nsid\u51fd\u6570\">lxc_netns_set_nsid\u51fd\u6570<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-3\" href=\"http:\/\/xinyiworld.top\/wordpress_it\/?p=14276\/#lxc_create_network%E5%87%BD%E6%95%B0\" title=\"lxc_create_network\u51fd\u6570\">lxc_create_network\u51fd\u6570<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-4\" href=\"http:\/\/xinyiworld.top\/wordpress_it\/?p=14276\/#lxc_network_send_to_child%E5%87%BD%E6%95%B0\" title=\"lxc_network_send_to_child\u51fd\u6570\">lxc_network_send_to_child\u51fd\u6570<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-1\"><a class=\"ez-toc-link ez-toc-heading-5\" href=\"http:\/\/xinyiworld.top\/wordpress_it\/?p=14276\/#%E4%BA%8C%E3%80%81%E5%AE%B9%E5%99%A8%E8%BF%9B%E7%A8%8B\" title=\"\u4e8c\u3001\u5bb9\u5668\u8fdb\u7a0b\">\u4e8c\u3001\u5bb9\u5668\u8fdb\u7a0b<\/a><ul class=\"ez-toc-list-level-2\"><li class=\"ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-6\" href=\"http:\/\/xinyiworld.top\/wordpress_it\/?p=14276\/#lxc_setup_network_in_child_namespaces%E5%87%BD%E6%95%B0\" title=\"lxc_setup_network_in_child_namespaces\u51fd\u6570\">lxc_setup_network_in_child_namespaces\u51fd\u6570<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E4%B8%80%E3%80%81%E5%AE%BF%E4%B8%BB%E8%BF%9B%E7%A8%8B\"><\/span>\u4e00\u3001\u5bbf\u4e3b\u8fdb\u7a0b<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p>\u89c1start.c\u6587\u4ef6\u7684lxc_spawn\u51fd\u6570<\/p>\n<pre><code class=\"language-c\">ret = lxc_netns_set_nsid(handler-&gt;nsfd[LXC_NS_NET]);\n    if (ret &lt; 0)\n        SYSWARN(&quot;Failed to allocate new network namespace id&quot;);\n    else\n        TRACE(&quot;Allocated new network namespace id&quot;);\n\n    \/* Create the network configuration. *\/\n    if (handler-&gt;ns_clone_flags &amp; CLONE_NEWNET) {\n        ret = lxc_create_network(handler);\n        if (ret &lt; 0) {\n            ERROR(&quot;Failed to create the network&quot;);\n            goto out_delete_net;\n        }\n\n        ret = lxc_network_send_to_child(handler);\n        if (ret &lt; 0) {\n            ERROR(&quot;Failed to send veth names to child&quot;);\n            goto out_delete_net;\n        }\n    }<\/code><\/pre>\n<h2><span class=\"ez-toc-section\" id=\"lxc_netns_set_nsid%E5%87%BD%E6%95%B0\"><\/span>lxc_netns_set_nsid\u51fd\u6570<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u901a\u8fc7\u4e0a\u9762\u7684lxc_try_preserve_namespaces\u65b9\u6cd5\u89e3\u6790\u51fa\u5bb9\u5668\u7f51\u7edc\u547d\u540d\u7a7a\u95f4\u6807\u8bc6\u6587\u4ef6\u7684fd<br \/>\n<img src=\"http:\/\/xinyiworld.top\/wordpress_it\/wp-content\/uploads\/2024\/08\/setnsid.png\" alt=\"\" \/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"lxc_create_network%E5%87%BD%E6%95%B0\"><\/span>lxc_create_network\u51fd\u6570<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<pre><code class=\"language-c\">int lxc_create_network(struct lxc_handler *handler)\n{\n    int ret;\n\n    if (handler-&gt;am_root) {\n        ret = lxc_create_network_priv(handler);\n        if (ret)\n            return -1;\n\n        return lxc_network_move_created_netdev_priv(handler);\n    }\n\n    return lxc_create_network_unpriv(handler);\n}<\/code><\/pre>\n<p>\u2192lxc_create_network_priv<br \/>\n\u2192\u2192<code>netdev_conf[netdev-&gt;type](handler, netdev)<\/code><br \/>\n\u2192\u2192\u2192instantiate_macvlan<\/p>\n<pre><code class=\"language-c\">\/\/\u968f\u673a\u751f\u6210\u7f51\u5361\u8bbe\u5907\u540d\u79f0\nlxc_ifname_alnum_case_sensitive\n\n\/\/\u521b\u5efamacvlan\u865a\u62df\u7f51\u5361\u8bbe\u5907mcXXXXXX\n\/\/\u6838\u5fc3\u65b9\u6cd5\nlxc_macvlan_create\n\n\/\/\u5c06\u521b\u5efa\u7684\u7f51\u5361\u8bbe\u5907mcXXXXXX\u540d\u79f0\u5b58\u50a8\u8d77\u6765\nnetdev-&gt;created_name\n\n\/\/\u83b7\u53d6\u65b0\u521b\u5efa\u7684\u7f51\u5361\u8bbe\u5907\u7684ifindex\u503c\nnetdev-&gt;ifindex = if_nametoindex(peer);<\/code><\/pre>\n<p>\u2192lxc_network_move_created_netdev_priv<br \/>\n\u2192\u2192lxc_netdev_move_by_index(netdev-&gt;ifindex, pid, netdev-&gt;name)<\/p>\n<pre><code class=\"language-c\">\u901a\u8fc7netlink\u5c06\u521b\u5efa\u7684\u7f51\u5361\u8bbe\u5907\u79fb\u52a8\u81f3\u5bb9\u5668\u7684\u7f51\u7edc\u547d\u540d\u7a7a\u95f4\n\n\u53c2\u65701\uff1anetdev-&gt;ifindex\uff0c\u5373\u65b0\u5efa\u7684\u7f51\u5361\u7684ifindex\u503c\u3002\n\u53c2\u65702\uff1apid\uff0c\u5373\u5bb9\u5668\u8fdb\u7a0bpid.\n\u53c2\u65703\uff1a\u5373\u5bb9\u5668\u914d\u7f6e\u6587\u4ef6\u914d\u7f6e\u7684\u7f51\u5361\u540d\u79f0\n\n\u539f\u7406\u662f\u901a\u8fc7netlink\u7684\u63a5\u53e3\uff0c\u901a\u8fc7pid\u64cd\u4f5c\u5bb9\u5668\u7684\u547d\u540d\u7a7a\u95f4\uff0c\u901a\u8fc7ifindex\u5efa\u7acb\u8054\u7cfb\uff0c\u5c06\u65b0\u5efa\u7684\u7f51\u5361\u8bbe\u5907\u79fb\u52a8\u5230\u4e86\u5bb9\u5668\u7684\u7f51\u7edc\u547d\u540d\u7a7a\u95f4\u3002<\/code><\/pre>\n<h2><span class=\"ez-toc-section\" id=\"lxc_network_send_to_child%E5%87%BD%E6%95%B0\"><\/span>lxc_network_send_to_child\u51fd\u6570<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u5bb9\u5668\u8fdb\u7a0b\u901a\u8fc7lxc_network_recv_from_parent\u65b9\u6cd5\u83b7\u53d6\u5bbf\u4e3b\u8fdb\u7a0b\u7684\u7f51\u5361\u540d\u79f0<\/p>\n<h1><span class=\"ez-toc-section\" id=\"%E4%BA%8C%E3%80%81%E5%AE%B9%E5%99%A8%E8%BF%9B%E7%A8%8B\"><\/span>\u4e8c\u3001\u5bb9\u5668\u8fdb\u7a0b<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p>\u89c1conf.c\u7684lxc_setup\u51fd\u6570<\/p>\n<pre><code class=\"language-c\">if (handler-&gt;ns_clone_flags &amp; CLONE_NEWNET) {\n        ret = lxc_setup_network_in_child_namespaces(lxc_conf,\n                                &amp;lxc_conf-&gt;network);\n        if (ret &lt; 0)\n            return log_error(-1, &quot;Failed to setup network&quot;);\n\n        ret = lxc_network_send_name_and_ifindex_to_parent(handler);\n        if (ret &lt; 0)\n            return log_error(-1, &quot;Failed to send network device names and ifindices to parent&quot;);\n    }<\/code><\/pre>\n<h2><span class=\"ez-toc-section\" id=\"lxc_setup_network_in_child_namespaces%E5%87%BD%E6%95%B0\"><\/span>lxc_setup_network_in_child_namespaces\u51fd\u6570<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<pre><code class=\"language-css\">ret = netdev_ns_conf[netdev-&gt;type](netdev);\nif (!ret)\n    ret = lxc_network_setup_in_child_namespaces_common(netdev);<\/code><\/pre>\n<p>\u2192netdev_ns_conf<br \/>\n\u2192\u2192instantiate_ns_macvlan \uff08\u901a\u8fc7\u7f51\u5361\u540d\u79f0\u83b7\u53d6ifindex\u503c\uff09<br \/>\n\u2192lxc_network_setup_in_child_namespaces_common<br \/>\n\u8bbe\u7f6e\u7f51\u5361\u8bbe\u5907\u7684mac\u5730\u5740\uff0cip\u5730\u5740\u3001\u7f51\u5173\u7b49\u53c2\u6570\uff0c\u4f46\u662f\u8bbe\u5907\u521b\u5efa\u5b58\u7591\uff08\u6000\u7591\u662f\u5bbf\u4e3b\u8fdb\u7a0b\u521b\u5efa\u7684\u90a3\u4e2a\u8bbe\u5907\uff0c\u56e0\u4e3aifindex\uff0c\u4f46\u662f\u6ca1\u6709\u627e\u5230\u4e24\u8005\u4e4b\u95f4\u7684\u8054\u7cfb\u3002\uff09<\/p>\n<button class=\"simplefavorite-button\" data-postid=\"14276\" data-siteid=\"1\" data-groupid=\"1\" data-favoritecount=\"0\" style=\"\">\u6536\u85cf <i class=\"sf-icon-star-empty\"><\/i><\/button>","protected":false},"excerpt":{"rendered":"<p>\u5927\u81f4\u7684\u6d41\u7a0b\u662f\u5728\u5bbf\u4e3b\u8fdb\u7a0b\u4e2d\u521b\u5efa\u7f51\u5361\uff0c\u7136\u540e\u79fb\u52a8\u5230\u5bb9\u5668\u8fdb\u7a0b\u7684\u7f51\u7edc\u547d\u540d\u7a7a\u95f4\uff0c\u6700\u540e\u5728\u5bb9\u5668\u8fdb\u7a0b\u7684\u7f51\u7edc\u547d\u540d\u7a7a\u95f4\u8bbe\u7f6e [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1092],"tags":[],"_links":{"self":[{"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=\/wp\/v2\/posts\/14276"}],"collection":[{"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14276"}],"version-history":[{"count":17,"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=\/wp\/v2\/posts\/14276\/revisions"}],"predecessor-version":[{"id":14384,"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=\/wp\/v2\/posts\/14276\/revisions\/14384"}],"wp:attachment":[{"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14276"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14276"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/xinyiworld.top\/wordpress_it\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14276"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}