[PATCH] Add /etc/rc.d/vimage startup script for creating vnet jails

Devin Teske devin.teske at fisglobal.com
Thu Sep 1 07:15:46 UTC 2011


On Aug 27, 2011, at 10:47 AM, Devin Teske wrote:

> Hi All,
> 
> I'd like to submit a patch for review (attached) that adds a new /etc/rc.d script named "vimage".
> 
> <vimage_rc.20110827104104.patch> 

Updated. See attached file <vimage_rc.20110831135736.patch>

or see the web at http://druidbsd.sf.net/download/vimage_rc.20110831135736.patch

Highlights:
- optional automatic network interface bridging using netgraph(4)
- automatic MAC address management of ng_eiface(4) devices
- easily create multiple virtual NICs bridged to one or more physical NICs
- can point vimages at same directory and configure all virtual NICs for various vimages in single rc.conf(5)
- potentially scale up to maximum number of virtual NICs, 65,535
- new "_bridges" option helps simplify more complicated setups in combination with existing "_vnets" option in rc.conf (hint: lagg + carp)
- does not require bridge(4) or epair(4) -- but works fine with them if that's what you want



> 
> Essentially, a hand-tweaked version of /etc/rc.d/jail with added/removed features.
> 
> Here's how we're using it in /etc/rc.conf to successfully start up vimage jails at boot time:
> 

New excerpt below, highlighting the new feature (netgraph(4) bridging):

========== BEGIN rc.conf(5) EXCERPT ==========

vimage_enable="YES"
vimage_list="v1 v2 v3"
vimage_services="sshd" # set all vimages to run sshd

# Vimage with one network interface bridged to bge0
vimage_v1_rootdir="/"
vimage_v1_hostname="vimage1"
vimage_v1_bridges="bge0"

# Vimage with two network interfaces, both bridged to bge0
vimage_v2_rootdir="/"
vimage_v2_hostname="vimage2"
vimage_v2_bridges="bge0 bge0"

# Vimage with five network interfaces, bridged to various interfaces
vimage_v3_rootdir="/"
vimage_v3_hostname="vimage3"
vimage_v3_bridges="bge0 bge0 fxp0 em0 em1"

# IP addresses for vimage1
ifconfig_ng0_v1="inet 192.168.1.100/24"

# IP addresses for vimage2
ifconfig_ng0_v2="inet 192.168.1.101/24"
ifconfig_ng1_v2="inet 192.168.1.102/24"

# IP addresses for vimage3
ifconfig_ng0_v3="inet 192.168.1.103/24"
ifconfig_ng1_v3="inet 192.168.1.104/24"
ifconfig_ng2_v3="inet 10.0.0.13/24"
ifconfig_ng3_v3="inet 10.10.220.101/24"
ifconfig_ng4_v3="inet 10.10.220.102/24"

========== END rc.conf(5) EXCERPT ==========

Normally, you would put the IP address settings into an rc.conf(5) file that is local to the vimage's root directory, but as seen above we pointed each root directory to "/" so we can configure the network interface in the same rc.conf(5).

The names of the network interfaces that are created for each vimage are in the form of: ng##_vimagename

ASIDE: The reason for this may not be immediately obvious, but once you start expanding your virtual network or using ngctl(8) to dump your configuration, you'll be happy for the naming scheme chosen.

However, there's a system limitation of 15 characters in length for network interfaces displayed by ifconfig(8) (NOTE: ngctl(8) is happy to set the name to something longer than 15 characters but ifconfig(8) will refuse to display that name, falling back to the real/default name). Therefore, it's important to not make your vimage names too long (or if you do, make sure at least the first 11 characters are unique as the script will truncate the name of the interface to fit within 15 characters).
-- 
Cheers,
Devin
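
The 15-character interface-name limit described in the message above, as an added example that is not part of the original message or of the patch: a sh helper that derives each "ng##_vimagename" name and reports names that two vimages would both claim after truncation. The function names vnic_name and vnic_collisions are hypothetical, the long vimage names are constructed, and it assumes the whole name is simply cut to 15 characters.

```shell
#!/bin/sh
# Added example; not code from the vimage rc.d patch.
# Assumption: the full "ng<N>_<vimage>" string is cut to IFNAME_MAX characters.
IFNAME_MAX=15

# vnic_name INDEX VIMAGE
# Print the interface name for bridge number INDEX of VIMAGE, truncated
# to the length that ifconfig(8) will display.
vnic_name()
{
	printf "%.${IFNAME_MAX}s\n" "ng${1}_${2}"
}

# vnic_collisions VIMAGE:COUNT ...
# COUNT is the number of entries in that vimage's "_bridges" list.
# Print every truncated name that is claimed more than once and return 1
# if there is at least one; return 0 when all names are unique.
vnic_collisions()
{
	_seen="" _dups=""
	for _spec in "$@"; do
		_vimage=${_spec%%:*}
		_count=${_spec##*:}
		_i=0
		while [ "$_i" -lt "$_count" ]; do
			_name=$(vnic_name "$_i" "$_vimage")
			case " $_seen " in
			*" $_name "*) _dups="$_dups $_name" ;;
			*) _seen="$_seen $_name" ;;
			esac
			_i=$((_i + 1))
		done
	done
	if [ -z "$_dups" ]; then
		return 0
	fi
	printf '%s\n' $_dups
	return 1
}

# Constructed sample: v1/v2/v3 with 1, 2 and 5 bridges as in the excerpt,
# plus two long names that share their first 11 characters.
vnic_collisions v1:1 v2:2 v3:5 production_web_01:1 production_web_02:1 ||
	echo "the names listed collide after truncation; rename those vimages" >&2
```

Running such a check over vimage_list before boot catches two jails silently sharing one displayed interface name.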

