Revised networking and docker macvlan usage

- Create new interface(s), named macvlan, as macvlan networks
- Attach docker macvlan to newly created macvlan network instead of interface
bergware
2023-08-08 09:10:08 +02:00
parent e9060412b6
commit 29ebdd8a9c
3 changed files with 44 additions and 26 deletions


@@ -254,14 +254,6 @@ _(Template Authoring Mode)_:
:docker_authoring_mode_help:
_(Docker custom network type)_:
: <select name="DOCKER_NETWORK_TYPE">
<?=mk_option(_var($dockercfg,'DOCKER_NETWORK_TYPE'), '1', _('ipvlan'))?>
<?=mk_option(_var($dockercfg,'DOCKER_NETWORK_TYPE'), '', _('macvlan'))?>
</select>&nbsp;_(Please read the Help carefully)_. _(Misconfiguration can cause problems)_.
:docker_custom_network_type_help:
_(Host access to custom networks)_:
: <select name="DOCKER_ALLOW_ACCESS">
<?=mk_option(_var($dockercfg,'DOCKER_ALLOW_ACCESS'), '', _('Disabled'))?>
@@ -460,11 +452,6 @@ _(Docker LOG rotation)_:
:docker_log_rotation_active_help:
_(Docker custom network type)_:
: <?=_var($dockercfg,'DOCKER_NETWORK_TYPE')=='1' ? _('ipvlan') : _('macvlan')?>
:docker_custom_network_type_help:
_(Host access to custom networks)_:
: <?=_var($dockercfg,'DOCKER_ALLOW_ACCESS')=='yes' ? _('Enabled') : _('Disabled')?>


@@ -73,15 +73,9 @@ else
[[ -e $SYSTEM/docker0 ]] && echo 1 > $CONF6/docker0/disable_ipv6
fi
if [[ -z $DOCKER_NETWORK_TYPE ]]; then
DETACH='ipvlan'
ATTACH='macvlan'
MODE='bridge'
else
DETACH='macvlan'
ATTACH='ipvlan'
MODE='l2 bridge'
fi
DETACH='ipvlan'
ATTACH='macvlan'
MODE='bridge'
export DOCKER_RAMDISK=true
@@ -404,7 +398,7 @@ start_network(){
[[ -n $RANGE ]] && SERVER="--aux-address=server=${R4%/*}" || SERVER="--aux-address=server=${SHIM_HIGH%/*}"
fi
fi
docker network create -d $ATTACH $SUBNET $GATEWAY $SERVER $RANGE $SUBNET6 $GATEWAY6 $SERVER6 $RANGE6 -o parent=$NETWORK $NETWORK | xargs docker network inspect -f 'created network {{.Name}} with subnets: {{range .IPAM.Config}}{{.Subnet}}; {{end}}' 2>/dev/null | logger -t $(basename $0)
docker network create -d $ATTACH $SUBNET $GATEWAY $SERVER $RANGE $SUBNET6 $GATEWAY6 $SERVER6 $RANGE6 -o parent=${ATTACH}${NETWORK//[^0-9.]/} $NETWORK | xargs docker network inspect -f 'created network {{.Name}} with subnets: {{range .IPAM.Config}}{{.Subnet}}; {{end}}' 2>/dev/null | logger -t $(basename $0)
# connect containers to this new network
for CONNECT in ${NETRESTORE[$NETWORK]}; do
THIS_ID=${CONNECT%,*}
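Review bot: The rewritten `docker network create` line in start_network now depends on a parent interface named `${ATTACH}${NETWORK//[^0-9.]/}`, which this script does not create and never checks for before the call. If the create fails, its error goes only to the script's stderr, its stdout is empty, and the `xargs docker network inspect … 2>/dev/null` stage hides the follow-on error, so presumably nothing reaches the log and the containers listed in NETRESTORE are not reconnected as intended. I would compute the name once and log a miss, e.g. `PARENT=${ATTACH}${NETWORK//[^0-9.]/}` followed by `[[ -e $SYSTEM/$PARENT ]] || logger -t $(basename $0) "parent $PARENT not found for $NETWORK"`, assuming `$SYSTEM` is the same interface directory tested for docker0 earlier in the file. Adding `-r` to `xargs` would also stop the inspect stage from running with no arguments. start_network begins and ends outside the hunk.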


@@ -51,7 +51,9 @@
# - reverted iptables and ip6tables and arp-tables inclusion to bridge interfaces
# - removed promiscuous mode setting for bridge interfaces
# - added persistent option to dhcpcd
#
# Adapted by Bergware for use in unRAID - August 2023
# - added macvlan network creation
############################
# READ NETWORK CONFIG FILE #
@@ -244,12 +246,42 @@ vlan_up(){
vlan_down(){
for PORT in ${BRNICS[$i]:-${IFNAME[$i]}}; do
for VLAN in $(ls --indicator-style=none $SYSTEM|grep -Po "$PORT\.\d+"); do
run ip link set $VLAN down
run ip link del $VLAN
run ip link set $VLAN down 2>/dev/null
run ip link del $VLAN 2>/dev/null
done
done
}
macvlan_up(){
PARENT=${IFNAME[$i]}
[[ -n ${BONDNICS[$i]} ]] && PARENT=${BONDNAME[$i]}
[[ -n ${BRNICS[$i]} ]] && PARENT=${BRNAME[$i]}
MACVLAN=macvlan${PARENT//[^0-9]/}
run ip link add link $PARENT name $MACVLAN type macvlan mode bridge
set_mtu $MACVLAN
run ip link set $MACVLAN up 2>/dev/null
for ((j=1;j<${VLANS[$i]:-0};j++)); do
VLAN=${VLANID[$i,$j]}
run ip link add link $PARENT.$VLAN name $MACVLAN.$VLAN type macvlan mode bridge
set_mtu $MACVLAN.$VLAN
run ip link set $MACVLAN.$VLAN up 2>/dev/null
done
}
macvlan_down(){
PARENT=${IFNAME[$i]}
[[ -n ${BONDNICS[$i]} ]] && PARENT=${BONDNAME[$i]}
[[ -n ${BRNICS[$i]} ]] && PARENT=${BRNAME[$i]}
MACVLAN=macvlan${PARENT//[^0-9]/}
for ((j=1;j<${VLANS[$i]:-0};j++)); do
VLAN=${VLANID[$i,$j]}
run ip link set $MACVLAN.$VLAN down 2>/dev/null
run ip link del $MACVLAN.$VLAN 2>/dev/null
done
run ip link set $MACVLAN down 2>/dev/null
run ip link del $MACVLAN 2>/dev/null
}
# function to enable/disable ipv6 protocol per interface
ipv6_up(){
[[ -d $CONF6/${IFACE/$1/$2} ]] && echo $4 >$CONF6/${IFACE/$1/$2}/disable_ipv6
@@ -272,6 +304,7 @@ ipv6_conf(){
# function to enable/disable ipv6 assignment per interface
ipv6_addr(){
ipv6_ra $IFACE $1 $2
ipv6_ra macvlan${IFACE//[^0-9.]} $1 $2
# repeat action on related interfaces
if [[ ${IFACE:0:4} == bond ]]; then
ipv6_conf bond br eth $1 $2
@@ -288,6 +321,7 @@ ipaddr_up(){
# disable IPv6 per interface when IPv4 only
[[ $IP == ipv4 ]] && DISABLE6=1 || DISABLE6=0
echo $DISABLE6 >$CONF6/$IFACE/disable_ipv6
echo $DISABLE6 >$CONF6/macvlan${IFACE//[^0-9.]}/disable_ipv6
# repeat action on related interfaces
if [[ ${IFACE:0:4} == bond ]]; then
ipv6_up bond br eth $DISABLE6
@@ -356,6 +390,7 @@ ipaddr_conf(){
ipaddr_flush(){
run ip -$1 addr flush dev $IFACE
run ip -$1 route flush dev $IFACE
run ip -$1 addr flush dev macvlan${IFACE//[^0-9.]}
if [[ ${IFACE:0:4} == bond ]]; then
ipaddr_conf bond br eth $1
elif [[ ${IFACE:0:2} == br ]]; then
@@ -394,6 +429,7 @@ if_up(){
[[ -n ${BONDNICS[$i]} ]] && bond_up # create interface as bond
[[ -n ${VLANS[$i]} ]] && vlan_up # create interface VLANs
[[ -n ${BRNICS[$i]} ]] && br_up # create interface as bridge
macvlan_up # create macvlan interfaces
# if the interface isn't in the kernel yet
# but there's an alias for it in modules.conf
# then it should be loaded first
@@ -492,6 +528,7 @@ if_down(){
[[ $DEBUG_ETH_UP == yes ]] && log "interface $IFACE not present, can't take down"
fi
done
macvlan_down # delete macvlan interfaces
[[ -n ${BRNICS[$i]} ]] && br_down # delete interface as bridge
[[ -n ${VLANS[$i]} ]] && vlan_down # delete interface VLANs
[[ -n ${BONDNICS[$i]} ]] && bond_down # delete interface as bond
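Review bot: The added write in the ipaddr_up hunk, `echo $DISABLE6 >$CONF6/macvlan${IFACE//[^0-9.]}/disable_ipv6`, is unguarded, while ipv6_up in the same file protects the same kind of write with `[[ -d … ]] &&`; when no macvlan interface of that name exists, the redirect fails with a shell error. I would write `[[ -d $CONF6/macvlan${IFACE//[^0-9.]} ]] && echo $DISABLE6 >$CONF6/macvlan${IFACE//[^0-9.]}/disable_ipv6`. The same unchecked derived name is used by the lines added in the ipv6_addr and ipaddr_flush hunks. Separately, macvlan_up sets each new link up before any disable_ipv6 value is written for it, so on an IPv4-only configuration the macvlan interface may briefly have IPv6 enabled. That depends on call ordering in if_up, whose body continues outside the hunk, and should be confirmed there.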