[lxc-devel] [lxd/master] Add limits to routed & tweak network list

Mon, 25 May 2020 13:31:31 -0700 

The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/7426

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===


From 464ce02658ce93f962485331317501665cd75c51 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgra...@ubuntu.com>
Date: Mon, 25 May 2020 13:05:09 -0400
Subject: [PATCH 1/3] lxc/network: Add IPv4/IPv6 columns
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
---
 lxc/network.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/lxc/network.go b/lxc/network.go
index 2c24635e5a..e86e50600b 100644
--- a/lxc/network.go
+++ b/lxc/network.go
@@ -855,7 +855,15 @@ func (c *cmdNetworkList) Run(cmd *cobra.Command, args 
[]string) error {
                }
 
                strUsedBy := fmt.Sprintf("%d", len(network.UsedBy))
-               details := []string{network.Name, network.Type, strManaged, 
network.Description, strUsedBy}
+               details := []string{
+                       network.Name,
+                       network.Type,
+                       strManaged,
+                       network.Config["ipv4.address"],
+                       network.Config["ipv6.address"],
+                       network.Description,
+                       strUsedBy,
+               }
                if resource.server.IsClustered() {
                        details = append(details, 
strings.ToUpper(network.Status))
                }
@@ -867,6 +875,8 @@ func (c *cmdNetworkList) Run(cmd *cobra.Command, args 
[]string) error {
                i18n.G("NAME"),
                i18n.G("TYPE"),
                i18n.G("MANAGED"),
+               i18n.G("IPV4"),
+               i18n.G("IPV6"),
                i18n.G("DESCRIPTION"),
                i18n.G("USED BY"),
        }

From 6bc26a9ecbdd6fc918411476822c3185f22efefb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgra...@ubuntu.com>
Date: Mon, 25 May 2020 16:29:59 -0400
Subject: [PATCH 2/3] api: Add container_nic_routed_limits
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
---
 doc/api-extensions.md | 3 +++
 shared/version/api.go | 1 +
 2 files changed, 4 insertions(+)

diff --git a/doc/api-extensions.md b/doc/api-extensions.md
index dfb2c878fa..2361e704dd 100644
--- a/doc/api-extensions.md
+++ b/doc/api-extensions.md
@@ -1041,3 +1041,6 @@ It also introduces the following new endpoint:
 
 ## network\_dns\_search
 This introduces the `dns.search` config option on networks.
+
+## container\_nic\_routed\_limits
+This introduces `limits.ingress`, `limits.egress` and `limits.max` for routed 
NICs.
diff --git a/shared/version/api.go b/shared/version/api.go
index 975d0221cf..cecebe0847 100644
--- a/shared/version/api.go
+++ b/shared/version/api.go
@@ -211,6 +211,7 @@ var APIExtensions = []string{
        "resources_system",
        "images_push_relay",
        "network_dns_search",
+       "container_nic_routed_limits",
 }
 
 // APIExtensionsCount returns the number of available API extensions.

From d56333ab8292a56daf9f98969c31219dc5b5cfd1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgra...@ubuntu.com>
Date: Mon, 25 May 2020 16:30:12 -0400
Subject: [PATCH 3/3] lxd/device/nic/routed: Add limits support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #7318

Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
---
 doc/instances.md         |  3 +++
 lxd/device/nic_routed.go | 36 ++++++++++++++++++++++++++++++++++--
 2 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/doc/instances.md b/doc/instances.md
index 0991bd9c41..7d6328f504 100644
--- a/doc/instances.md
+++ b/doc/instances.md
@@ -474,6 +474,9 @@ name                    | string    | kernel assigned   | 
no        | The name o
 host\_name              | string    | randomly assigned | no        | The name 
of the interface inside the host
 mtu                     | integer   | parent MTU        | no        | The MTU 
of the new interface
 hwaddr                  | string    | randomly assigned | no        | The MAC 
address of the new interface
+limits.ingress          | string    | -                 | no        | I/O 
limit in bit/s for incoming traffic (various suffixes supported, see below)
+limits.egress           | string    | -                 | no        | I/O 
limit in bit/s for outgoing traffic (various suffixes supported, see below)
+limits.max              | string    | -                 | no        | Same as 
modifying both limits.ingress and limits.egress
 ipv4.address            | string    | -                 | no        | Comma 
delimited list of IPv4 static addresses to add to the instance
 ipv4.gateway            | string    | auto              | no        | Whether 
to add an automatic default IPv4 gateway, can be "auto" or "none"
 ipv4.host\_address      | string    | 169.254.0.1       | no        | The IPv4 
address to add to the host-side veth interface.
diff --git a/lxd/device/nic_routed.go b/lxd/device/nic_routed.go
index 3aa0681338..15c0548b3d 100644
--- a/lxd/device/nic_routed.go
+++ b/lxd/device/nic_routed.go
@@ -23,7 +23,7 @@ type nicRouted struct {
 }
 
 func (d *nicRouted) CanHotPlug() (bool, []string) {
-       return false, []string{}
+       return false, []string{"limits.ingress", "limits.egress", "limits.max"}
 }
 
 // validateConfig checks the supplied config for correctness.
@@ -40,6 +40,9 @@ func (d *nicRouted) validateConfig(instConf 
instance.ConfigReader) error {
                "hwaddr",
                "host_name",
                "vlan",
+               "limits.ingress",
+               "limits.egress",
+               "limits.max",
                "ipv4.gateway",
                "ipv6.gateway",
                "ipv4.host_address",
@@ -292,14 +295,43 @@ func (d *nicRouted) setupParentSysctls(parentName string) 
error {
        return nil
 }
 
+// Update returns an error as most devices do not support live updates without 
being restarted.
+func (d *nicRouted) Update(oldDevices deviceConfig.Devices, isRunning bool) 
error {
+       v := d.volatileGet()
+
+       // If instance is running, apply host side limits.
+       if isRunning {
+               err := d.validateEnvironment()
+               if err != nil {
+                       return err
+               }
+
+               // Apply host-side limits.
+               d.config["host_name"] = v["host_name"]
+               err = networkSetVethLimits(d.config)
+               if err != nil {
+                       return err
+               }
+       }
+
+       return nil
+}
+
 // postStart is run after the instance is started.
 func (d *nicRouted) postStart() error {
        v := d.volatileGet()
 
        // If volatile host_name is defined (and it should be), then configure 
the host-side interface.
        if v["host_name"] != "" {
+               // Apply host-side limits.
+               d.config["host_name"] = v["host_name"]
+               err := networkSetVethLimits(d.config)
+               if err != nil {
+                       return err
+               }
+
                // Attempt to disable IPv6 router advertisement acceptance.
-               err := util.SysctlSet(fmt.Sprintf("net/ipv6/conf/%s/accept_ra", 
v["host_name"]), "0")
+               err = util.SysctlSet(fmt.Sprintf("net/ipv6/conf/%s/accept_ra", 
v["host_name"]), "0")
                if err != nil && !os.IsNotExist(err) {
                        return err
                }

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to