From b17ffa6d6fa355b55dd8a79127896820206b100b Mon Sep 17 00:00:00 2001 From: Josh Kunz Date: Mon, 11 Mar 2019 00:35:19 -0700 Subject: [PATCH] Fully working implementation --- Dockerfile | 22 ++++++++++++ generate-dhcpd-conf | 83 +++++++++++++++++++++++++++++++++++++++++++++ qemu-ifdown | 6 ++++ qemu-ifup | 6 ++++ run.sh | 56 ++++++++++++++++++++++++++++++ 5 files changed, 173 insertions(+) create mode 100644 Dockerfile create mode 100755 generate-dhcpd-conf create mode 100755 qemu-ifdown create mode 100755 qemu-ifup create mode 100755 run.sh diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..7f8dea6 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,22 @@ +FROM debian:buster-20190228-slim + +RUN apt-get update && apt-get -y upgrade && \ + apt-get --no-install-recommends -y install \ + iproute2 \ + jq \ + python3 \ + qemu-system-x86 \ + udhcpd \ + && apt-get clean + +COPY generate-dhcpd-conf /run/ +COPY qemu-ifdown /run/ +COPY qemu-ifup /run/ +COPY run.sh /run/ + +VOLUME /image + +ENTRYPOINT ["/run/run.sh"] + +# Mostly users will probably want to configure memory usage. +CMD ["-m", "512M"] diff --git a/generate-dhcpd-conf b/generate-dhcpd-conf new file mode 100755 index 0000000..99aa020 --- /dev/null +++ b/generate-dhcpd-conf @@ -0,0 +1,83 @@ +#!/usr/bin/env python3 + +import argparse +import ipaddress +import json +import re +import subprocess + +from typing import List + +DEFAULT_ROUTE = "default" +NS_IP_RE = re.compile(r'^nameserver\s+(\S+)$') +RESOLV_CONF_PATH = '/etc/resolv.conf' + +DHCP_CONF_TEMPLATE = """ +start {host_addr} +end {host_addr} + +# avoid dhcpd complaining that we have +# too many addresses +maxleases 1 + +interface {dhcp_intf} + +option dns {dns} +option router {gateway} +option subnet {subnet} +""" + +def nameservers() -> List[str]: + """Returns the list of nameserver IPs in resolv.conf""" + result = [] + with open(RESOLV_CONF_PATH) as resolv_f: + for line in resolv_f: + match = NS_IP_RE.match(line) + if match: + result.append(match.group(1)) + return result + +def default_route(routes): + """Returns the host's default route""" + for route in routes: + if route['dst'] == DEFAULT_ROUTE: + return route + raise ValueError('no default route') + +def addr_of(addrs, dev : str) -> ipaddress.IPv4Interface: + """Finds and returns the IP address of `dev`""" + for addr in addrs: + if addr['ifname'] != dev: + continue + if len(addr['addr_info']) != 1: + raise ValueError('only exactly one address on dev is supported') + info = addr['addr_info'][0] + return ipaddress.IPv4Interface((info['local'], info['prefixlen'])) + raise ValueError('dev {0} not found'.format(dev)) + +def generate_conf(intf_name : str) -> str: + """Generates a dhcpd config. `intf_name` is the interface to listen on.""" + with subprocess.Popen(['ip', '-json', 'route'], + stdout=subprocess.PIPE) as proc: + routes = json.load(proc.stdout) + with subprocess.Popen(['ip', '-json', 'addr'], + stdout=subprocess.PIPE) as proc: + addrs = json.load(proc.stdout) + + droute = default_route(routes) + host_addr = addr_of(addrs, droute['dev']) + + return DHCP_CONF_TEMPLATE.format( + dhcp_intf = intf_name, + dns = ' '.join(nameservers()), + host_addr = host_addr.ip, + gateway = droute['gateway'], + subnet = host_addr.network.netmask, + ) + +if __name__ == '__main__': + parser = argparse.ArgumentParser() + parser.add_argument('intf_name') + args = parser.parse_args() + + print(generate_conf(args.intf_name)) diff --git a/qemu-ifdown b/qemu-ifdown new file mode 100755 index 0000000..2ffdfa7 --- /dev/null +++ b/qemu-ifdown @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +QEMU_BRIDGE='qemubr0' + +ip link set dev $1 nomaster +ip link set dev $1 down diff --git a/qemu-ifup b/qemu-ifup new file mode 100755 index 0000000..befeea3 --- /dev/null +++ b/qemu-ifup @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +QEMU_BRIDGE='qemubr0' + +ip link set dev $1 up +ip link set dev $1 master $QEMU_BRIDGE diff --git a/run.sh b/run.sh new file mode 100755 index 0000000..95fd1a1 --- /dev/null +++ b/run.sh @@ -0,0 +1,56 @@ +#!/usr/bin/env bash + +# A bridge of this name will be created to host the TAP interface created for +# the VM +QEMU_BRIDGE='qemubr0' + +# DHCPD must have an IP address to run, but that address doesn't have to +# be valid. This is the dummy address dhcpd is configured to use. +DUMMY_DHCPD_IP='10.0.0.1' + +# These scripts configure/deconfigure the VM interface on the bridge. +QEMU_IFUP='/run/qemu-ifup' +QEMU_IFDOWN='/run/qemu-ifdown' + +# The name of the dhcpd config file we make +DHCPD_CONF_FILE='dhcpd.conf' + +function default_intf() { + ip -json route show | + jq -r '.[] | select(.dst == "default") | .dev' +} + +# First step, we run the things that need to happen before we start mucking +# with the interfaces. We start by generating the DHCPD config file based +# on our current address/routes. We "steal" the container's IP, and lease +# it to the VM once it starts up. +/run/generate-dhcpd-conf $QEMU_BRIDGE > $DHCPD_CONF_FILE +default_dev=`default_intf` + +# Now we start modifying the networking configuration. First we clear out +# the IP address of the default device (will also have the side-effect of +# removing the default route) +ip addr flush dev $default_dev + +# Next, we create our bridge, and add our container interface to it. +ip link add $QEMU_BRIDGE type bridge +ip link set dev $default_dev master $QEMU_BRIDGE + +# Then, we toggle the interface and the bridge to make sure everything is up +# and running. +ip link set dev $default_dev up +ip link set dev $QEMU_BRIDGE up + +# Finally, start our DHCPD server +udhcpd -I $DUMMY_DHCPD_IP -f $DHCPD_CONF_FILE & + +# And run the VM! A brief explaination of the options here: +# -enable-kvm: Use KVM for this VM (much faster for our case). +# -nographic: disable SDL graphics. +# -serial mon:stdio: use "monitored stdio" as our serial output. +# -nic: Use a TAP interface with our custom up/down scripts. +# -drive: The VM image we're booting. +qemu-system-x86_64 -enable-kvm -nographic -serial mon:stdio \ + -nic tap,id=qemu0,script=$QEMU_IFUP,downscript=$QEMU_IFDOWN \ + "$@" \ + -drive format=raw,file=/image