Solved vnet jail interface name

S

shurik

Currently I am using vnet jails with this config:
Code: 
vnet="new";
vnet.interface  = "vnet0";
.....
exec.prestart   = "ifconfig epair${id} create";
exec.prestart  += "ifconfig epair${id}a up";
exec.prestart  += "ifconfig epair${id}b name vnet0";
exec.prestart  += "ifconfig bridge0 addm  epair${id}a";
...
exec.poststop  = "ifconfig bridge0 deletem epair${id}a;";
exec.poststop += "ifconfig epair${id}a destroy;";
.....
sample-jail01 {id=1;};
sample-jail02 {id=2;};
Is there any way to know epair's interface name (or index) and using it in jail.conf when interface created? My final goal is to avoid static ${id} entries in jail.conf. One part of this question may be solved by passing interface name while creation "ifconfig epair create name epair-${name}", this creates two interfaces - epair-sample-jail01 and epairXb. But how pass to a jail epairXb?
 
I am not sure if it helps, but you could use the jail-id. The jail-id is either provided when starting a jail from the command line or enumerated by the jail automatically. Please see jail(8) for jid.
 
In my case epair interfaces created before jail start (exec.prestart), so jail-id is not known.
 
May I recommend Jan Bramkamp's mk-epair.sh script for this? This should alleviate all your painpoints. You can add it into your prestart statements to set up an interface to your liking, without having to deal with the numbering:

gist.github.com

mk-epair

mk-epair. GitHub Gist: instantly share code, notes, and snippets.
gist.github.com gist.github.com
 
I don't how exec.prestart script works, but maybe you can try something like:
Code: 
exec.prestart   = "epn=`ifconfig epair create | sed 's/.\{1\}$//'`";
exec.prestart  += "ifconfig ${epn}a up";
exec.prestart  += "ifconfig ${epn}b name vnet0";
exec.prestart  += "ifconfig bridge0 addm ${epn}a";
The idea is to take the epair name generated by ifconfig in epn var ( sed 's/.\{1\}$//' removes the last character of the interface name, e.g. epair0a -> epair0).
Didn't test this.

By the way, you don't need to deletem an interface from a bridge if you destroy this interface. The OS does that for you.
 
You must log in or register to reply here.
Back
Top