diff --git a/doc/main.aux b/doc/main.aux deleted file mode 100644 index d4b0173..0000000 --- a/doc/main.aux +++ /dev/null @@ -1,18 +0,0 @@ -\relax -\@writefile{toc}{\contentsline {section}{\numberline {1}Introduction}{1}{}\protected@file@percent } -\@writefile{toc}{\contentsline {section}{\numberline {2}Prerequisites}{1}{}\protected@file@percent } -\@writefile{toc}{\contentsline {section}{\numberline {3}Step-by-Step Configuration}{1}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Creating and Setting Up the Incus Container}{1}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.2}Installing Additional Packages}{1}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.3}Configuring Users and Permissions}{2}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.3.1}Changing the Root Password}{2}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.3.2}Adding a New User}{2}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.4}Accessing the Container}{2}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.5}Installing dnsmasq}{2}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.6}Configuring the Network with Netplan}{2}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.7}Configuring dnsmasq}{3}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.8}Starting and Enabling dnsmasq}{4}{}\protected@file@percent } -\@writefile{toc}{\contentsline {subsection}{\numberline {3.9}Testing the Configuration}{4}{}\protected@file@percent } -\@writefile{toc}{\contentsline {section}{\numberline {4}Troubleshooting}{4}{}\protected@file@percent } -\@writefile{toc}{\contentsline {section}{\numberline {5}Conclusion}{4}{}\protected@file@percent } -\gdef \@abspage@last{4} diff --git a/doc/main.log b/doc/main.log deleted file mode 100644 index 7c61972..0000000 --- a/doc/main.log +++ /dev/null @@ -1,337 +0,0 @@ -This is pdfTeX, Version 3.141592653-2.6-1.40.26 (TeX Live 2025/dev/Debian) (preloaded format=pdflatex 2024.12.27) 15 MAY 2025 09:28 -entering extended mode - restricted \write18 enabled. - %&-line parsing enabled. -**main -(./main.tex -LaTeX2e <2024-11-01> -L3 programming layer <2024-11-02> -(/usr/share/texlive/texmf-dist/tex/latex/base/article.cls -Document Class: article 2024/06/29 v1.4n Standard LaTeX document class -(/usr/share/texlive/texmf-dist/tex/latex/base/size12.clo -File: size12.clo 2024/06/29 v1.4n Standard LaTeX file (size option) -) -\c@part=\count196 -\c@section=\count197 -\c@subsection=\count198 -\c@subsubsection=\count199 -\c@paragraph=\count266 -\c@subparagraph=\count267 -\c@figure=\count268 -\c@table=\count269 -\abovecaptionskip=\skip49 -\belowcaptionskip=\skip50 -\bibindent=\dimen141 -) -(/usr/share/texlive/texmf-dist/tex/latex/base/inputenc.sty -Package: inputenc 2024/02/08 v1.3d Input encoding file -\inpenc@prehook=\toks17 -\inpenc@posthook=\toks18 -) -(/usr/share/texlive/texmf-dist/tex/latex/base/fontenc.sty -Package: fontenc 2021/04/29 v2.0v Standard LaTeX package -) -(/usr/share/texmf/tex/latex/lm/lmodern.sty -Package: lmodern 2015/05/01 v1.6.1 Latin Modern Fonts -LaTeX Font Info: Overwriting symbol font `operators' in version `normal' -(Font) OT1/cmr/m/n --> OT1/lmr/m/n on input line 22. -LaTeX Font Info: Overwriting symbol font `letters' in version `normal' -(Font) OML/cmm/m/it --> OML/lmm/m/it on input line 23. -LaTeX Font Info: Overwriting symbol font `symbols' in version `normal' -(Font) OMS/cmsy/m/n --> OMS/lmsy/m/n on input line 24. -LaTeX Font Info: Overwriting symbol font `largesymbols' in version `normal' -(Font) OMX/cmex/m/n --> OMX/lmex/m/n on input line 25. -LaTeX Font Info: Overwriting symbol font `operators' in version `bold' -(Font) OT1/cmr/bx/n --> OT1/lmr/bx/n on input line 26. -LaTeX Font Info: Overwriting symbol font `letters' in version `bold' -(Font) OML/cmm/b/it --> OML/lmm/b/it on input line 27. -LaTeX Font Info: Overwriting symbol font `symbols' in version `bold' -(Font) OMS/cmsy/b/n --> OMS/lmsy/b/n on input line 28. -LaTeX Font Info: Overwriting symbol font `largesymbols' in version `bold' -(Font) OMX/cmex/m/n --> OMX/lmex/m/n on input line 29. -LaTeX Font Info: Overwriting math alphabet `\mathbf' in version `normal' -(Font) OT1/cmr/bx/n --> OT1/lmr/bx/n on input line 31. -LaTeX Font Info: Overwriting math alphabet `\mathsf' in version `normal' -(Font) OT1/cmss/m/n --> OT1/lmss/m/n on input line 32. -LaTeX Font Info: Overwriting math alphabet `\mathit' in version `normal' -(Font) OT1/cmr/m/it --> OT1/lmr/m/it on input line 33. -LaTeX Font Info: Overwriting math alphabet `\mathtt' in version `normal' -(Font) OT1/cmtt/m/n --> OT1/lmtt/m/n on input line 34. -LaTeX Font Info: Overwriting math alphabet `\mathbf' in version `bold' -(Font) OT1/cmr/bx/n --> OT1/lmr/bx/n on input line 35. -LaTeX Font Info: Overwriting math alphabet `\mathsf' in version `bold' -(Font) OT1/cmss/bx/n --> OT1/lmss/bx/n on input line 36. -LaTeX Font Info: Overwriting math alphabet `\mathit' in version `bold' -(Font) OT1/cmr/bx/it --> OT1/lmr/bx/it on input line 37. -LaTeX Font Info: Overwriting math alphabet `\mathtt' in version `bold' -(Font) OT1/cmtt/m/n --> OT1/lmtt/m/n on input line 38. -) -(/usr/share/texlive/texmf-dist/tex/latex/geometry/geometry.sty -Package: geometry 2020/01/02 v5.9 Page Geometry - -(/usr/share/texlive/texmf-dist/tex/latex/graphics/keyval.sty -Package: keyval 2022/05/29 v1.15 key=value parser (DPC) -\KV@toks@=\toks19 -) -(/usr/share/texlive/texmf-dist/tex/generic/iftex/ifvtex.sty -Package: ifvtex 2019/10/25 v1.7 ifvtex legacy package. Use iftex instead. - -(/usr/share/texlive/texmf-dist/tex/generic/iftex/iftex.sty -Package: iftex 2022/02/03 v1.0f TeX engine tests -)) -\Gm@cnth=\count270 -\Gm@cntv=\count271 -\c@Gm@tempcnt=\count272 -\Gm@bindingoffset=\dimen142 -\Gm@wd@mp=\dimen143 -\Gm@odd@mp=\dimen144 -\Gm@even@mp=\dimen145 -\Gm@layoutwidth=\dimen146 -\Gm@layoutheight=\dimen147 -\Gm@layouthoffset=\dimen148 -\Gm@layoutvoffset=\dimen149 -\Gm@dimlist=\toks20 -) -(/usr/share/texlive/texmf-dist/tex/latex/listings/listings.sty -\lst@mode=\count273 -\lst@gtempboxa=\box52 -\lst@token=\toks21 -\lst@length=\count274 -\lst@currlwidth=\dimen150 -\lst@column=\count275 -\lst@pos=\count276 -\lst@lostspace=\dimen151 -\lst@width=\dimen152 -\lst@newlines=\count277 -\lst@lineno=\count278 -\lst@maxwidth=\dimen153 - -(/usr/share/texlive/texmf-dist/tex/latex/listings/lstpatch.sty -File: lstpatch.sty 2024/09/23 1.10c (Carsten Heinz) -) -(/usr/share/texlive/texmf-dist/tex/latex/listings/lstmisc.sty -File: lstmisc.sty 2024/09/23 1.10c (Carsten Heinz) -\c@lstnumber=\count279 -\lst@skipnumbers=\count280 -\lst@framebox=\box53 -) -(/usr/share/texlive/texmf-dist/tex/latex/listings/listings.cfg -File: listings.cfg 2024/09/23 1.10c listings configuration -)) -Package: listings 2024/09/23 1.10c (Carsten Heinz) - -(/usr/share/texlive/texmf-dist/tex/latex/xcolor/xcolor.sty -Package: xcolor 2024/09/29 v3.02 LaTeX color extensions (UK) - -(/usr/share/texlive/texmf-dist/tex/latex/graphics-cfg/color.cfg -File: color.cfg 2016/01/02 v1.6 sample color configuration -) -Package xcolor Info: Driver file: pdftex.def on input line 274. - -(/usr/share/texlive/texmf-dist/tex/latex/graphics-def/pdftex.def -File: pdftex.def 2024/04/13 v1.2c Graphics/color driver for pdftex -) -(/usr/share/texlive/texmf-dist/tex/latex/graphics/mathcolor.ltx) -Package xcolor Info: Model `cmy' substituted by `cmy0' on input line 1349. -Package xcolor Info: Model `hsb' substituted by `rgb' on input line 1353. -Package xcolor Info: Model `RGB' extended on input line 1365. -Package xcolor Info: Model `HTML' substituted by `rgb' on input line 1367. -Package xcolor Info: Model `Hsb' substituted by `hsb' on input line 1368. -Package xcolor Info: Model `tHsb' substituted by `hsb' on input line 1369. -Package xcolor Info: Model `HSB' substituted by `hsb' on input line 1370. -Package xcolor Info: Model `Gray' substituted by `gray' on input line 1371. -Package xcolor Info: Model `wave' substituted by `hsb' on input line 1372. -) -(/usr/share/texlive/texmf-dist/tex/latex/parskip/parskip.sty -Package: parskip 2021-03-14 v2.0h non-zero parskip adjustments - -(/usr/share/texlive/texmf-dist/tex/latex/kvoptions/kvoptions.sty -Package: kvoptions 2022-06-15 v3.15 Key value format for package options (HO) - -(/usr/share/texlive/texmf-dist/tex/generic/ltxcmds/ltxcmds.sty -Package: ltxcmds 2023-12-04 v1.26 LaTeX kernel commands for general use (HO) -) -(/usr/share/texlive/texmf-dist/tex/latex/kvsetkeys/kvsetkeys.sty -Package: kvsetkeys 2022-10-05 v1.19 Key value parser (HO) -)) -(/usr/share/texlive/texmf-dist/tex/latex/etoolbox/etoolbox.sty -Package: etoolbox 2020/10/05 v2.5k e-TeX tools for LaTeX (JAW) -\etb@tempcnta=\count281 -)) -LaTeX Font Info: Trying to load font information for T1+lmr on input line 35 -. - -(/usr/share/texmf/tex/latex/lm/t1lmr.fd -File: t1lmr.fd 2015/05/01 v1.6.1 Font defs for Latin Modern -) -(/usr/share/texlive/texmf-dist/tex/latex/l3backend/l3backend-pdftex.def -File: l3backend-pdftex.def 2024-05-08 L3 backend support: PDF output (pdfTeX) -\l__color_backend_stack_int=\count282 -\l__pdf_internal_box=\box54 -) -(./main.aux) -\openout1 = `main.aux'. - -LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 35. -LaTeX Font Info: ... okay on input line 35. -LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 35. -LaTeX Font Info: ... okay on input line 35. -LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 35. -LaTeX Font Info: ... okay on input line 35. -LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 35. -LaTeX Font Info: ... okay on input line 35. -LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 35. -LaTeX Font Info: ... okay on input line 35. -LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 35. -LaTeX Font Info: ... okay on input line 35. -LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 35. -LaTeX Font Info: ... okay on input line 35. - -*geometry* driver: auto-detecting -*geometry* detected driver: pdftex -*geometry* verbose mode - [ preamble ] result: -* driver: pdftex -* paper: a4paper -* layout: -* layoutoffset:(h,v)=(0.0pt,0.0pt) -* modes: -* h-part:(L,W,R)=(72.26999pt, 452.9679pt, 72.26999pt) -* v-part:(T,H,B)=(72.26999pt, 700.50687pt, 72.26999pt) -* \paperwidth=597.50787pt -* \paperheight=845.04684pt -* \textwidth=452.9679pt -* \textheight=700.50687pt -* \oddsidemargin=0.0pt -* \evensidemargin=0.0pt -* \topmargin=-37.0pt -* \headheight=12.0pt -* \headsep=25.0pt -* \topskip=12.0pt -* \footskip=30.0pt -* \marginparwidth=35.0pt -* \marginparsep=10.0pt -* \columnsep=10.0pt -* \skip\footins=10.8pt plus 4.0pt minus 2.0pt -* \hoffset=0.0pt -* \voffset=0.0pt -* \mag=1000 -* \@twocolumnfalse -* \@twosidefalse -* \@mparswitchfalse -* \@reversemarginfalse -* (1in=72.27pt=25.4mm, 1cm=28.453pt) - -\c@lstlisting=\count283 -(/usr/share/texlive/texmf-dist/tex/context/base/mkii/supp-pdf.mkii -[Loading MPS to PDF converter (version 2006.09.02).] -\scratchcounter=\count284 -\scratchdimen=\dimen154 -\scratchbox=\box55 -\nofMPsegments=\count285 -\nofMParguments=\count286 -\everyMPshowfont=\toks22 -\MPscratchCnt=\count287 -\MPscratchDim=\dimen155 -\MPnumerator=\count288 -\makeMPintoPDFobject=\count289 -\everyMPtoPDFconversion=\toks23 -) -LaTeX Font Info: Trying to load font information for OT1+lmr on input line 4 -0. - (/usr/share/texmf/tex/latex/lm/ot1lmr.fd -File: ot1lmr.fd 2015/05/01 v1.6.1 Font defs for Latin Modern -) -LaTeX Font Info: Trying to load font information for OML+lmm on input line 4 -0. - -(/usr/share/texmf/tex/latex/lm/omllmm.fd -File: omllmm.fd 2015/05/01 v1.6.1 Font defs for Latin Modern -) -LaTeX Font Info: Trying to load font information for OMS+lmsy on input line -40. - -(/usr/share/texmf/tex/latex/lm/omslmsy.fd -File: omslmsy.fd 2015/05/01 v1.6.1 Font defs for Latin Modern -) -LaTeX Font Info: Trying to load font information for OMX+lmex on input line -40. - -(/usr/share/texmf/tex/latex/lm/omxlmex.fd -File: omxlmex.fd 2015/05/01 v1.6.1 Font defs for Latin Modern -) -LaTeX Font Info: External font `lmex10' loaded for size -(Font) <14.4> on input line 40. -LaTeX Font Info: External font `lmex10' loaded for size -(Font) <10> on input line 40. -LaTeX Font Info: External font `lmex10' loaded for size -(Font) <7> on input line 40. -LaTeX Font Info: Trying to load font information for T1+lmtt on input line 4 -3. - -(/usr/share/texmf/tex/latex/lm/t1lmtt.fd -File: t1lmtt.fd 2015/05/01 v1.6.1 Font defs for Latin Modern -) -LaTeX Font Info: Trying to load font information for TS1+lmr on input line 4 -8. - -(/usr/share/texmf/tex/latex/lm/ts1lmr.fd -File: ts1lmr.fd 2015/05/01 v1.6.1 Font defs for Latin Modern -) -(/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty -File: lstlang1.sty 2024/09/23 1.10c listings language file -) -(/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty -File: lstlang1.sty 2024/09/23 1.10c listings language file -) -Overfull \hbox (23.59369pt too wide) in paragraph at lines 65--66 -\T1/lmr/m/n/12 The \T1/lmtt/m/n/12 security.syscalls.intercept.mount\T1/lmr/m/n -/12 , \T1/lmtt/m/n/12 security.nesting\T1/lmr/m/n/12 , and \T1/lmtt/m/n/12 secu -rity.privileged - [] - - - -[1 - -{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}{/usr/share/texmf/fonts/enc/ -dvips/lm/lm-ec.enc}{/usr/share/texmf/fonts/enc/dvips/lm/lm-ts1.enc}] - -[2] -LaTeX Font Info: Font shape `T1/lmtt/bx/n' in size <10.95> not available -(Font) Font shape `T1/lmtt/b/n' tried instead on input line 117. - -Overfull \hbox (25.69144pt too wide) in paragraph at lines 164--165 -[]\T1/lmtt/m/n/12 dhcp-range\T1/lmr/m/n/12 : De-fines the IP range for DHCP cli -ents (from 192.168.1.100 to 192.168.1.200, - [] - - - -[3] - -[4] (./main.aux) - *********** -LaTeX2e <2024-11-01> -L3 programming layer <2024-11-02> - *********** - ) -Here is how much of TeX's memory you used: - 5009 strings out of 473362 - 72806 string characters out of 5723554 - 842560 words of memory out of 5000000 - 28076 multiletter control sequences out of 15000+600000 - 598499 words of font info for 61 fonts, out of 8000000 for 9000 - 1141 hyphenation exceptions out of 8191 - 57i,6n,65p,493b,1661s stack positions out of 10000i,1000n,20000p,200000b,200000s - -Output written on main.pdf (4 pages, 199974 bytes). -PDF statistics: - 57 PDF objects out of 1000 (max. 8388607) - 35 compressed objects within 1 object stream - 0 named destinations out of 1000 (max. 500000) - 1 words of extra memory for PDF output out of 10000 (max. 10000000) - diff --git a/doc/main.tex b/doc/main.tex index 43346e5..f9de0a9 100644 --- a/doc/main.tex +++ b/doc/main.tex @@ -32,6 +32,20 @@ morestring=[b]{'} } +% Define Python language for listings +\lstdefinelanguage{python}{ + keywords={def,class,import,from,as,try,except,with,return,raise,if,elif,else,for,in,while,break,continue}, + keywordstyle=\color{blue}\bfseries, + basicstyle=\ttfamily\small, + sensitive=true, + comment=[l]{\#}, + commentstyle=\color{gray}\itshape, + stringstyle=\color{red}, + morestring=[b]{"}, + morestring=[b]{'}, + identifierstyle=\color{black} +} + \begin{document} \title{Basic Configuration of dnsmasq in an Incus Container on Debian with Netplan} @@ -40,13 +54,14 @@ \maketitle \section{Introduction} -This guide provides step-by-step instructions for setting up \texttt{dnsmasq} as a DNS and DHCP server in an Incus container running Debian. The network configuration is managed using Netplan to ensure proper network integration. +This guide provides step-by-step instructions for setting up \texttt{dnsmasq} as a DNS and DHCP server in an Incus container running Debian. The network configuration is managed using Netplan and a custom Python script to create virtual Ethernet (veth) pairs and bridges, ensuring proper network integration. \section{Prerequisites} Before proceeding, ensure the following: \begin{itemize} \item Incus is installed on the host system (\texttt{sudo apt install incus}). \item A Debian-based container is created in Incus. + \item Python 3 and the \texttt{pyroute2} package are installed on the host (\texttt{sudo apt install python3 python3-pyroute2}). \item Basic knowledge of Linux networking and container management. \item Root or sudo access to the host and container. \end{itemize} @@ -107,8 +122,50 @@ incus exec dnsmasq-container -- apt update incus exec dnsmasq-container -- apt install dnsmasq -y \end{lstlisting} +\subsection{Configuring Network with Veth Pairs and Netplan} +To enable advanced networking, use the provided Python script (\texttt{link.py}) to create a virtual Ethernet (veth) pair connecting the container to the host's network namespace, with an optional bridge for network integration. Save the following script as \texttt{link.py} on the host: + +\begin{lstlisting}[language=python] +import argparse +import os +import subprocess +import sys +from pyroute2 import IPRoute, NetNS + +# ... (rest of the link.py script as provided) ... +\end{lstlisting} + +Run the script to create a veth pair, move one end to the container's network namespace, and attach it to a bridge on the host. First, identify the container's name or ID: +\begin{lstlisting}[language=bash] +incus list +\end{lstlisting} +Assuming the container name is \texttt{dnsmasq-container}, execute the script with sudo privileges: +\begin{lstlisting}[language=bash] +sudo python3 link.py --namespace1 dnsmasq-container --namespace2 1 \ + --name1 veth-container --name2 veth-host \ + --bridge2 br0 --type1 incus +\end{lstlisting} + +\textbf{Explanation:} +\begin{itemize} + \item \texttt{--namespace1 dnsmasq-container}: Specifies the container's network namespace (Incus container). + \item \texttt{--namespace2 1}: Specifies the default (host) namespace. + \item \texttt{--name1 veth-container}: Names the veth interface inside the container. + \item \texttt{--name2 veth-host}: Names the veth interface on the host. + \item \texttt{--bridge2 br0}: Attaches the host's veth interface to a bridge named \texttt{br0}. + \item \texttt{--type1 incus}: Indicates that \texttt{namespace1} is an Incus container. +\end{itemize} + +Before running the script, ensure the bridge \texttt{br0} exists on the host. Create it if necessary: +\begin{lstlisting}[language=bash] +sudo ip link add name br0 type bridge +sudo ip link set br0 up +\end{lstlisting} + +The script exposes the container's network namespace, creates the veth pair, moves \texttt{veth-container} to the container's namespace, attaches \texttt{veth-host} to \texttt{br0}, and brings both interfaces up. + \subsection{Configuring the Network with Netplan} -Configure the container's network using Netplan to assign a static IP address. Create or edit the Netplan configuration file at \texttt{/etc/netplan/01-netcfg.yaml}: +Configure the container's network using Netplan to assign a static IP address to the \texttt{veth-container} interface (aliased as \texttt{eth0} for simplicity). Create or edit the Netplan configuration file at \texttt{/etc/netplan/01-netcfg.yaml} inside the container: \begin{lstlisting}[language=bash] incus exec dnsmasq-container -- nano /etc/netplan/01-netcfg.yaml \end{lstlisting} @@ -118,6 +175,8 @@ network: version: 2 ethernets: eth0: + match: + name: veth-container dhcp4: no addresses: - 192.168.1.10/24 @@ -127,11 +186,27 @@ network: nameservers: addresses: [8.8.8.8, 8.8.4.4] \end{lstlisting} + +\textbf{Explanation:} +\begin{itemize} + \item \texttt{match: name: veth-container}: Matches the \texttt{veth-container} interface created by the script, aliased as \texttt{eth0}. + \item \texttt{dhcp4: no}: Disables DHCP to use a static IP. + \item \texttt{addresses}: Assigns the static IP \texttt{192.168.1.10/24}. + \item \texttt{routes}: Sets the default gateway to \texttt{192.168.1.1}. + \item \texttt{nameservers}: Specifies Google's DNS servers. +\end{itemize} + Apply the configuration: \begin{lstlisting}[language=bash] incus exec dnsmasq-container -- netplan apply \end{lstlisting} +Verify the network configuration: +\begin{lstlisting}[language=bash] +incus exec dnsmasq-container -- ip a show eth0 +incus exec dnsmasq-container -- ping 8.8.8.8 +\end{lstlisting} + \subsection{Configuring dnsmasq} Edit the \texttt{dnsmasq} configuration file at \texttt{/etc/dnsmasq.conf}: \begin{lstlisting}[language=bash] @@ -181,7 +256,7 @@ Test DNS resolution from within the container: \begin{lstlisting}[language=bash] incus exec dnsmasq-container -- nslookup example.local 192.168.1.10 \end{lstlisting} -To test DHCP, connect a client device to the same network and verify that it receives an IP address in the range \texttt{192.168.1.100--192.168.1.200}. +To test DHCP, connect a client device to the same network (via the \texttt{br0} bridge) and verify that it receives an IP address in the range \texttt{192.168.1.100--192.168.1.200}. \section{Troubleshooting} If \texttt{dnsmasq} fails to start: @@ -189,9 +264,10 @@ If \texttt{dnsmasq} fails to start: \item Check the logs: \texttt{incus exec dnsmasq-container -- journalctl -u dnsmasq}. \item Ensure no other service is using port 53 (DNS) or 67 (DHCP). \item Verify the network configuration with \texttt{incus exec dnsmasq-container -- ip a} and \texttt{incus exec dnsmasq-container -- ping 8.8.8.8}. + \item Confirm the veth pair and bridge setup: \texttt{ip link show} on the host and \texttt{incus exec dnsmasq-container -- ip link show}. \end{itemize} \section{Conclusion} -This guide configures \texttt{dnsmasq} as a DNS and DHCP server in an Incus container on Debian. The Netplan configuration ensures proper network setup. For advanced configurations, refer to the \texttt{dnsmasq} documentation (\texttt{man dnsmasq}). +This guide configures \texttt{dnsmasq} as a DNS and DHCP server in an Incus container on Debian. The \texttt{link.py} script and Netplan configuration ensure a robust network setup with veth pairs and static IP addressing. For advanced configurations, refer to the \texttt{dnsmasq} documentation (\texttt{man dnsmasq}) and \texttt{pyroute2} documentation. -\end{document} \ No newline at end of file +\end{document} diff --git a/py/link.,py b/py/link.,py new file mode 100644 index 0000000..8799c19 --- /dev/null +++ b/py/link.,py @@ -0,0 +1,429 @@ +import argparse +import os +import subprocess +import sys +from pyroute2 import IPRoute, NetNS + +class NetworkNamespaceManager: + """ + Provides functionalities to manage network namespaces. + + Network namespaces partition network resources such as network links, + IP addresses, and port numbers into disjoint sets. + """ + + @staticmethod + def list_netns(): + """ + List all available network namespaces. + + Scans the '/var/run/netns' directory and prints out all + the network namespace files present. If no namespaces are found, it + prints a message indicating that. + """ + netns_dir = "/var/run/netns" + try: + netns_files = os.listdir(netns_dir) + if netns_files: + print("List of available network namespaces:") + for netns_file in netns_files: + print(f"- {netns_file}") + else: + print("No network namespaces found.") + except OSError as e: + print(f"Error listing network namespaces: {e}") + +class ContainerNetnsExposer: + """ + Responsible for exposing network namespaces of containers. + + Supports Docker, LXC, LXD, and Incus containers, allowing the user to interact + with their network namespaces. + """ + + def __init__(self): + """ + Initializes the ContainerNetnsExposer instance. + """ + self.netns_pid = None + self.netns_path = None + + def expose_container_netns(self, container_id_or_name, container_type='docker'): + """ + Expose the network namespace of a specified container. + + Parameters: + container_id_or_name (str): The identifier or name of the container. + container_type (str): The type of the container ('docker', 'lxc', 'lxd', or 'incus'). + + Returns: + str: The PID of the container as a string. + + Raises: + SystemExit: If the container type is unsupported or if there is an error + in retrieving the container's PID. + """ + if container_type == 'docker': + self.get_docker_container_pid(container_id_or_name) + elif container_type in ('lxc', 'lxd', 'incus'): + self.get_lxc_container_pid(container_id_or_name, container_type) + else: + print("Unsupported container type. Only 'docker', 'lxc', 'lxd', and 'incus' are supported.") + sys.exit(1) + + self.create_netns_directory() + self.create_or_remove_netns_symlink() + return str(self.netns_pid) + + def get_docker_container_pid(self, container_id_or_name): + """ + Retrieve the PID of a Docker container. + + Parameters: + container_id_or_name (str): The identifier or name of the Docker container. + + Raises: + SystemExit: If there is an error in retrieving the Docker container's PID. + """ + try: + self.netns_pid = subprocess.check_output( + ["sudo", "docker", "inspect", "-f", "{{.State.Pid}}", container_id_or_name], + universal_newlines=True + ).strip() + except subprocess.CalledProcessError: + print("Error retrieving Docker container PID. Make sure the container exists and is running.") + sys.exit(1) + + def get_lxc_container_pid(self, container_name, container_type='lxc'): + """ + Retrieve the PID of an LXC, LXD, or Incus container. + + Parameters: + container_name (str): The name of the container. + container_type (str): The type of the container ('lxc', 'lxd', or 'incus'). + + Raises: + SystemExit: If there is an error in retrieving the container's PID. + """ + try: + if container_type == 'lxc': + output = subprocess.check_output( + ["lxc-info", "-n", container_name, "-p"], + universal_newlines=True + ) + self.netns_pid = output.strip().split()[-1] + elif container_type == 'lxd': + output = subprocess.check_output( + ["sudo", "lxc", "info", container_name], + universal_newlines=True + ) + for line in output.splitlines(): + if line.strip().startswith("PID:"): + self.netns_pid = line.split(':')[1].strip() + break + else: + print(f"PID not found in 'lxc info' output for container '{container_name}'.") + sys.exit(1) + elif container_type == 'incus': + output = subprocess.check_output( + ["sudo", "incus", "info", container_name], + universal_newlines=True + ) + for line in output.splitlines(): + if line.strip().startswith("PID:"): + self.netns_pid = line.split(':')[1].strip() + break + else: + print(f"PID not found in 'incus info' output for container '{container_name}'.") + sys.exit(1) + except subprocess.CalledProcessError as e: + print(f"Error retrieving {container_type.upper()} container PID for '{container_name}'. Error: {e}") + sys.exit(1) + + def create_netns_directory(self): + """ + Create the network namespace directory if it does not exist. + + Ensures that the directory '/var/run/netns' exists, which is used + to store network namespace symlinks. + """ + try: + subprocess.run(["sudo", "mkdir", "-p", "/var/run/netns"], check=True) + except subprocess.CalledProcessError as e: + print(f"Error creating network namespace directory: {e.stderr.strip()}") + sys.exit(1) + + def create_or_remove_netns_symlink(self): + """ + Create or remove a symlink to the network namespace of a container. + + Sets up a symlink in '/var/run/netns', pointing to the network namespace + of the container identified by its PID. If a symlink with the same name + already exists, it is removed before creating a new one. + """ + self.netns_path = f"/var/run/netns/{self.netns_pid}" + + try: + if os.path.exists(self.netns_path): + subprocess.run(["sudo", "rm", "-rf", self.netns_path], check=True) + subprocess.run(["sudo", "ln", "-s", f"/proc/{self.netns_pid}/ns/net", self.netns_path], check=True) + except subprocess.CalledProcessError as e: + print(f"Error creating or removing symlink: {e}") + sys.exit(1) + +class IfaceManager: + """ + Manages network interfaces, including creation, deletion, and configuration + of veth pairs, VLANs, and bridges. + """ + + def delete(self, iface_name, namespace=None): + """ + Delete a network interface. + + Parameters: + iface_name (str): The name of the interface to delete. + namespace (str, optional): The network namespace where the interface exists. + + Raises: + Exception: If the interface cannot be deleted. + """ + try: + if namespace: + context_manager = NetNS(namespace) + else: + context_manager = IPRoute() + + with context_manager as ns: + iface_idx_list = ns.link_lookup(ifname=iface_name) + if not iface_idx_list: + raise ValueError(f"Interface {iface_name} not found.") + iface_idx = iface_idx_list[0] + ns.link('del', index=iface_idx) + except Exception as e: + print(f"Error deleting interface {iface_name} in namespace {namespace}: {e}") + + def create_veth(self, iface1, iface2, namespace=None): + """ + Create a veth pair. + + Parameters: + iface1 (str): The name of the first interface. + iface2 (str): The name of the second interface. + namespace (str, optional): The network namespace where to create the veth pair. + + Raises: + Exception: If the veth pair cannot be created. + """ + try: + if namespace: + context_manager = NetNS(namespace) + else: + context_manager = IPRoute() + + with context_manager as ns: + ns.link('add', ifname=iface1, peer={'ifname': iface2}, kind='veth') + except Exception as e: + print(f"Error creating veth pair {iface1} and {iface2}: {e}") + + def create_vlan(self, base_iface, vlan_id, namespace=None): + """ + Create a VLAN interface. + + Parameters: + base_iface (str): The base interface name. + vlan_id (int): The VLAN ID. + namespace (str, optional): The network namespace where to create the VLAN interface. + + Raises: + Exception: If the VLAN interface cannot be created. + """ + try: + if namespace: + context_manager = NetNS(namespace) + else: + context_manager = IPRoute() + + with context_manager as ns: + base_iface_idx_list = ns.link_lookup(ifname=base_iface) + if not base_iface_idx_list: + raise ValueError(f"Base interface {base_iface} not found.") + base_iface_idx = base_iface_idx_list[0] + + vlan_iface = f"{base_iface}.{vlan_id}" + ns.link('add', ifname=vlan_iface, link=base_iface_idx, kind='vlan', vlan_info={'id': vlan_id}) + except Exception as e: + print(f"Error creating VLAN on interface {base_iface}: {e}") + + def create_bridge(self, bridge_name, namespace=None): + """ + Create a bridge interface. + + Parameters: + bridge_name (str): The name of the bridge. + namespace (str, optional): The network namespace where to create the bridge. + + Raises: + Exception: If the bridge cannot be created. + """ + try: + if namespace: + context_manager = NetNS(namespace) + else: + context_manager = IPRoute() + + with context_manager as ns: + ns.link('add', ifname=bridge_name, kind='bridge') + except Exception as e: + print(f"Error creating bridge {bridge_name}: {e}") + + def move(self, iface, namespace): + """ + Move a network interface to another namespace. + + Parameters: + iface (str): The interface name to move. + namespace (str): The target network namespace. + + Raises: + Exception: If the interface cannot be moved. + """ + try: + ipr = IPRoute() + idx_list = ipr.link_lookup(ifname=iface) + if not idx_list: + raise ValueError(f"Interface {iface} not found.") + idx = idx_list[0] + ipr.link('set', index=idx, net_ns_fd=namespace) + except Exception as e: + print(f"Error moving interface {iface} to namespace {namespace}: {e}") + + def set_interface_up(self, iface_name, namespace=None): + """ + Set a network interface up. + + Parameters: + iface_name (str): The name of the interface. + namespace (str, optional): The network namespace where the interface exists. + + Raises: + Exception: If the interface cannot be set up. + """ + try: + if namespace: + context_manager = NetNS(namespace) + else: + context_manager = IPRoute() + + with context_manager as ns: + iface_idx_list = ns.link_lookup(ifname=iface_name) + if not iface_idx_list: + raise ValueError(f"Interface {iface_name} not found.") + iface_idx = iface_idx_list[0] + ns.link("set", index=iface_idx, state="up") + except Exception as e: + print(f"Error setting up interface {iface_name} in namespace {namespace}: {e}") + + def attach_to_bridge(self, iface_name, bridge_name, namespace=None): + """ + Attach an interface to a bridge. + + Parameters: + iface_name (str): The name of the interface. + bridge_name (str): The name of the bridge. + namespace (str, optional): The network namespace where the interface and bridge exist. + + Raises: + Exception: If the interface cannot be attached to the bridge. + """ + try: + if namespace: + context_manager = NetNS(namespace) + else: + context_manager = IPRoute() + + with context_manager as ns: + iface_idx_list = ns.link_lookup(ifname=iface_name) + if not iface_idx_list: + raise ValueError(f"Interface {iface_name} not found.") + iface_idx = iface_idx_list[0] + + bridge_idx_list = ns.link_lookup(ifname=bridge_name) + if not bridge_idx_list: + raise ValueError(f"Bridge {bridge_name} not found.") + bridge_idx = bridge_idx_list[0] + + ns.link("set", index=iface_idx, master=bridge_idx) + except Exception as e: + print(f"Error attaching interface {iface_name} to bridge {bridge_name} in namespace {namespace}: {e}") + +def interpret_namespace(namespace_arg): + """ + Interpret the namespace argument. + + If the argument is '1', converts it to None (representing the default namespace), + otherwise returns the argument as is. + + Parameters: + namespace_arg (str): The namespace argument. + + Returns: + str or None: The interpreted namespace. + """ + return None if namespace_arg == '1' else namespace_arg + +def main(): + parser = argparse.ArgumentParser(description="Create veth pairs between containers with optional bridge attachment.") + parser.add_argument("-ns1", "--namespace1", default=None, help="Name of the first namespace or container, or '1' for the default namespace.") + parser.add_argument("-ns2", "--namespace2", default=None, help="Name of the second namespace or container, or '1' for the default namespace.") + parser.add_argument("-n1", "--name1", required=True, help="Name of the first veth interface.") + parser.add_argument("-n2", "--name2", required=True, help="Name of the second veth interface.") + parser.add_argument("-b1", "--bridge1", default=None, help="Name of the network bridge for ns1.") + parser.add_argument("-b2", "--bridge2", default=None, help="Name of the network bridge for ns2.") + parser.add_argument("-t1", "--type1", default=None, help="Container type for ns1 ('docker', 'lxc', 'lxd', 'incus', or 'None' for the default namespace).") + parser.add_argument("-t2", "--type2", default=None, help="Container type for ns2 ('docker', 'lxc', 'lxd', 'incus', or 'None' for the default namespace).") + + args = parser.parse_args() + + # Processing namespace arguments and container types + ns1, type1 = interpret_namespace(args.namespace1), args.type1 + ns2, type2 = interpret_namespace(args.namespace2), args.type2 + + # Instantiate management classes + iface_manager = IfaceManager() + container_exposer = ContainerNetnsExposer() + + # Expose container network namespaces if applicable + if type1 and ns1: + ns1_pid = container_exposer.expose_container_netns(ns1, type1) + ns1 = ns1_pid + if type2 and ns2: + ns2_pid = container_exposer.expose_container_netns(ns2, type2) + ns2 = ns2_pid + + # Create veth pair + iface_manager.create_veth(args.name1, args.name2) + + # Move ends of the veth pair to appropriate namespaces if required + if ns1: + iface_manager.move(args.name1, ns1) + if ns2: + iface_manager.move(args.name2, ns2) + + # Optional: Attach to network bridge and bring interfaces up + if args.bridge1 and args.name1: + iface_manager.attach_to_bridge(args.name1, args.bridge1, ns1) + iface_manager.set_interface_up(args.name1, ns1) + if args.bridge2 and args.name2: + iface_manager.attach_to_bridge(args.name2, args.bridge2, ns2) + iface_manager.set_interface_up(args.name2, ns2) + + # Bring up interfaces if not already up + if not args.bridge1 and args.name1: + iface_manager.set_interface_up(args.name1, ns1) + if not args.bridge2 and args.name2: + iface_manager.set_interface_up(args.name2, ns2) + +if __name__ == "__main__": + main() +