Re: [libvirt] [PATCH 4/4] Add support for interfaces with type=direct to LXC

On 11/10/2011 06:28 AM, Daniel P. Berrange wrote: >From: "Daniel P. Berrange"<berrange(a)redhat.com> > >Support creation of macvlan devices for LXC containers. Do not >allow setting of network filters, bandwidth controls or vport >profiles due to the complication that there is no host side >visible device to work with. > >* src/lxc/lxc_driver.c: Support type=direct interfaces >--- > src/lxc/lxc_driver.c | 106 +++++++++++++++++++++++++++++++++++++++++++++++++- > 1 files changed, 105 insertions(+), 1 deletions(-) > >diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c >index 4f6807b..09752a3 100644 >--- a/src/lxc/lxc_driver.c >+++ b/src/lxc/lxc_driver.c >@@ -1230,6 +1230,102 @@ cleanup: > return ret; > } > >+ >+static int lxcSetupInterfaceDirect(virConnectPtr conn, >+ virDomainDefPtr def, >+ virDomainNetDefPtr net, >+ unsigned int *nveths, >+ char ***veths) >+{ >+ int ret = 0; >+ char *res_ifname = NULL; >+ lxc_driver_t *driver = conn->privateData; >+ virNetDevBandwidthPtr bw; >+ virNetDevVPortProfilePtr prof; >+ >+ /* XXX how todo filtering ? >+ * Since the 'net-ifname' is about to be moved to a different >+ * namespace& renamed, there will be no host side visible >+ * interface for the container to attach rules to >+ */ Afaik, filtering doesn't work on the direct interfaces anyway due to missing hooks in their kernel implementation. At least I have been told so about the macvtap type of device.