Fabio/qemu-arm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Sync

Browse source 
Sync
This commit is contained in:
Kroese 2023-04-21 21:33:32 +02:00 committed by GitHub
commit f1504000d4
2 changed files with 43 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
readme.md
View file

@ -160,7 +160,7 @@ docker run -it --rm -e "BOOT=http://www.example.com/image.iso" --device=/dev/kvm
This also has the advantage that you don't need to do any portmapping anymore, because all ports will be fully exposed this way.
NOTE: Docker does not allow communication between the host and the container in a macvlan network. There are some ways to fix that if needed, but they go beyond the scope of this FAQ.
NOTE: You will not be able to reach this IP from the Docker host, as macvlan does not allow communication between those two. There are some ways to fix that if necessary, but they go beyond the scope of this FAQ.
* ### How can the container get an IP address via DHCP? ###
@ -175,6 +175,4 @@ docker run -it --rm -e "BOOT=http://www.example.com/image.iso" --device=/dev/kvm
- 'c 510:* rwm'
```
This will make QEMU retrieve an IP from your router. This will not be the same as the macvlan IP of the container, so to determine which one was assigned to QEMU please check the container logfile or use the devices page of your router for example.
NOTE: The exact cgroup rule may be different than `510` depending on your system, but the correct rule number will be printed to the logfile in case of error.
NOTE: The exact cgroup rule may be different than `510` depending on your system, but the correct rule number will be printed to the log output in case of error.

62
run/network.sh
View file

@ -3,6 +3,8 @@ set -eu
# Docker environment variabeles
: ${VM_NET_TAP:='qemu'}
: ${VM_NET_DEV:='eth0'}
: ${VM_NET_HOST:='QEMU'}
: ${VM_NET_MAC:='82:cf:d0:5e:57:66'}
@ -18,24 +20,28 @@ set -eu
configureDHCP() {
# Create /dev/vhost-net
if [ ! -c /dev/vhost-net ]; then
mknod /dev/vhost-net c 10 238
chmod 660 /dev/vhost-net
fi
VM_NET_VLAN="vlan"
GATEWAY=$(ip r | grep default | awk '{print $3}')
NETWORK=$(ip -o route | grep "${VM_NET_DEV}" | grep -v default | awk '{print $1}')
IP=$(ip address show dev "${VM_NET_DEV}" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
if [ ! -c /dev/vhost-net ]; then
echo -n "Error: VHOST interface not available. Please add the following "
echo "docker variable to your container: --device=/dev/vhost-net" && exit 85
fi
ip l add link "${VM_NET_DEV}" "${VM_NET_VLAN}" type macvlan mode bridge
ip address add "${IP}" dev "${VM_NET_VLAN}"
ip link set dev "${VM_NET_VLAN}" up
ip route flush dev "${VM_NET_DEV}"
ip route flush dev "${VM_NET_VLAN}"
ip route add "${NETWORK}" dev "${VM_NET_VLAN}" metric 0
ip route add default via "${GATEWAY}"
VM_NET_TAP="qemu"
echo "Info: Retrieving IP via DHCP using MAC ${VM_NET_MAC}..."
ip l add link eth0 name "${VM_NET_TAP}" address "${VM_NET_MAC}" type macvtap mode bridge || true
ip l add link "${VM_NET_DEV}" name "${VM_NET_TAP}" address "${VM_NET_MAC}" type macvtap mode bridge || true
ip l set "${VM_NET_TAP}" up
ip a flush eth0
ip a flush "${VM_NET_DEV}"
ip a flush "${VM_NET_TAP}"
DHCP_IP=$( dhclient -v "${VM_NET_TAP}" 2>&1 | grep ^bound | cut -d' ' -f3 )
@ -48,7 +54,19 @@ configureDHCP() {
ip a flush "${VM_NET_TAP}"
TAP_PATH="/dev/tap$(</sys/class/net/${VM_NET_TAP}/ifindex)"
# Create /dev/vhost-net
if [ ! -c /dev/vhost-net ]; then
mknod /dev/vhost-net c 10 238
chmod 660 /dev/vhost-net
fi
if [ ! -c /dev/vhost-net ]; then
echo -n "Error: VHOST interface not available. Please add the following "
echo "docker variable to your container: --device=/dev/vhost-net" && exit 85
fi
TAP_NR=$(</sys/class/net/"${VM_NET_TAP}"/ifindex)
TAP_PATH="/dev/tap${TAP_NR}"
# Create dev file (there is no udev in container: need to be done manually)
IFS=: read -r MAJOR MINOR < <(cat /sys/devices/virtual/net/"${VM_NET_TAP}"/tap*/dev)
@ -80,25 +98,25 @@ configureDHCP() {
configureNAT () {
VM_NET_TAP="qemu"
VM_NET_IP='20.20.20.21'
#Create bridge with static IP for the VM guest
brctl addbr dockerbridge
ip addr add ${VM_NET_IP%.*}.1/24 broadcast ${VM_NET_IP%.*}.255 dev dockerbridge
ip link set dockerbridge up
#QEMU Works with taps, set tap to the bridge created
ip tuntap add dev ${VM_NET_TAP} mode tap
ip link set ${VM_NET_TAP} up promisc on
brctl addif dockerbridge ${VM_NET_TAP}
ip tuntap add dev "${VM_NET_TAP}" mode tap
ip link set "${VM_NET_TAP}" up promisc on
brctl addif dockerbridge "${VM_NET_TAP}"
#Add internet connection to the VM
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p tcp -j DNAT --to $VM_NET_IP
iptables -t nat -A PREROUTING -i eth0 -p udp -j DNAT --to $VM_NET_IP
iptables -t nat -A POSTROUTING -o "${VM_NET_DEV}" -j MASQUERADE
iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -p tcp -j DNAT --to $VM_NET_IP
iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -p udp -j DNAT --to $VM_NET_IP
# Hack for guest VMs complaining about "bad udp checksums in 5 packets"
iptables -A POSTROUTING -t mangle -p udp --dport bootpc -j CHECKSUM --checksum-fill
iptables -A POSTROUTING -t mangle -p udp --dport bootpc -j CHECKSUM --checksum-fill || true
#Enable port forwarding flag
[[ $(< /proc/sys/net/ipv4/ip_forward) -eq 0 ]] && sysctl -w net.ipv4.ip_forward=1
@ -158,7 +176,7 @@ GATEWAY=$(ip r | grep default | awk '{print $3}')
if [ "$DEBUG" = "Y" ]; then
IP=$(ip address show dev eth0 | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
IP=$(ip address show dev "${VM_NET_DEV}" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
echo "Info: Container IP is ${IP} with gateway ${GATEWAY}"
fi