Re: [libvirt] [PATCH 4/4] Add support for interfaces with type=direct to LXC

On Thu, Nov 10, 2011 at 09:02:41AM -0500, Stefan Berger wrote: > On 11/10/2011 06:28 AM, Daniel P. Berrange wrote: >> From: "Daniel P. Berrange"<berrange(a)redhat.com> >> >> Support creation of macvlan devices for LXC containers. Do not >> allow setting of network filters, bandwidth controls or vport >> profiles due to the complication that there is no host side >> visible device to work with. >> >> * src/lxc/lxc_driver.c: Support type=direct interfaces >> --- >> src/lxc/lxc_driver.c | 106 +++++++++++++++++++++++++++++++++++++++++++++++++- >> 1 files changed, 105 insertions(+), 1 deletions(-) >> >> diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c >> index 4f6807b..09752a3 100644 >> --- a/src/lxc/lxc_driver.c >> +++ b/src/lxc/lxc_driver.c >> @@ -1230,6 +1230,102 @@ cleanup: >> return ret; >> } >> >> + >> +static int lxcSetupInterfaceDirect(virConnectPtr conn, >> + virDomainDefPtr def, >> + virDomainNetDefPtr net, >> + unsigned int *nveths, >> + char ***veths) >> +{ >> + int ret = 0; >> + char *res_ifname = NULL; >> + lxc_driver_t *driver = conn->privateData; >> + virNetDevBandwidthPtr bw; >> + virNetDevVPortProfilePtr prof; >> + >> + /* XXX how todo filtering ? >> + * Since the 'net-ifname' is about to be moved to a different >> + * namespace& renamed, there will be no host side visible >> + * interface for the container to attach rules to >> + */ > Afaik, filtering doesn't work on the direct interfaces anyway due to > missing hooks in their kernel implementation. At least I have been > told so about the macvtap type of device. Oh, I wonder why the filtering controls are set for macvtap devices in the QEMU driver :-)

Daniel