Benoit/esh
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
This repository has been archived on 2025-02-14. You can view files and clone it, but cannot push or open issues or pull requests.
esh/esh_undocker/resources/network.rb

100 lines
2.9 KiB
Ruby
Raw Normal View History

Archive abandoned project
2025-02-15 00:56:26 +09:00
#
# Cookbook:: esh_undocker
# Resource:: network
#
# Copyright:: 2022, https://easyself.host
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
unified_mode true
property :ip_addr, String, name_property: true
property :image, String, required: true
default_action :setup
action :setup do
ip_addr = new_resource.ip_addr
image = new_resource.image
netns_name = image
eth_name = image[0..8]
apt_package 'bridge-utils'
file '/etc/systemd/network/undocker0.netdev' do
content <<~EOT
[NetDev]
Name=undocker0
Kind=bridge
EOT
owner 'root'
group 'root'
mode '0644'
action :create
notifies :restart, 'service[systemd-networkd]', :immediately
end
file '/etc/systemd/network/undocker0.network' do
content <<~EOT
[Match]
Name=undocker0
Driver=bridge
[Network]
Address=10.10.10.1/24
LinkLocalAddressing=yes
DHCPServer=no
IPMasquerade=yes
LLDP=yes
EmitLLDP=customer-bridge
EOT
owner 'root'
group 'root'
mode '0644'
action :create
notifies :restart, 'service[systemd-networkd]', :immediately
end
service 'systemd-networkd' do
action :nothing
end
systemd_unit "#{image}-network.service" do
content <<~EOU
[Unit]
Description=ESH Piped Network Service
After=network.target
Before=#{image}.service
[Service]
Type=oneshot
RemainAfterExit=yes
# Weird bug where you need to mount sys again...
ExecStart=-/usr/bin/mkdir -p /sys2
ExecStart=-/usr/bin/mount -t sysfs --make-private /sys2
ExecStart=-/usr/bin/ip netns add #{netns_name}
ExecStart=-/usr/bin/ip link add name vb-#{eth_name} type veth peer name host-#{eth_name}
ExecStart=-/usr/bin/ip link set host-#{eth_name} netns #{netns_name}
ExecStart=-/usr/bin/ip netns exec #{netns_name} ip addr add #{ip_addr}/24 dev host-#{eth_name}
ExecStart=-/usr/bin/ip netns exec #{netns_name} ip link set host-#{eth_name} up
ExecStart=-/usr/bin/ip netns exec #{netns_name} ip route add 10.10.10.0/24 dev host-#{eth_name}
ExecStart=-/usr/bin/ip netns exec #{netns_name} ip link set lo up
ExecStart=-/usr/bin/ip link set vb-#{eth_name} up
ExecStart=-/usr/bin/ip netns exec #{netns_name} ip route add default via 10.10.10.1 dev host-#{eth_name}
ExecStart=-/usr/sbin/brctl addif undocker0 vb-#{eth_name}
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOU
action [:create, :enable, :start]
end
end
Reference in a new issue Copy permalink