authorMaximilian Bosch <maximilian@mbosch.me>2019-04-22 17:42:45 +0200
committerMaximilian Bosch <maximilian@mbosch.me>2019-04-22 18:13:45 +0200
commitc957341ef5db943becde127bc05c2a74300ae6f9 (patch)
treeceb4a27d73a2be4c42510a11b310152fca7ca699
parentf1c559057eae5dbf20b8948c50c270207acd2067 (diff)
nixos-container: allow setting custom local and host address
I have a nixops network where I deploy containers using the `container`
backend which uses `nixos-container` internally to deploy several
containers to a certain host.

During that time I removed and added new containers and while trying to
deploy those to a different host I realized that it isn't guaranteed
that each container gets the same IP address which is a problem as some
parts of the deployment need to know which container is using which IP
(i.e. to configure port forwarding on the host).

With this change you can specify the container's IP like this (and don't
have to use the arbitrarily used 10.233.0.0/16 subnet):

```
$ nixos-container create test --config-file test-container.nix \
    --local-address 10.235.1.2 --host-address 10.235.1.1
```
-rw-r--r--nixos/doc/manual/administration/imperative-containers.xml7
-rwxr-xr-xpkgs/tools/virtualization/nixos-container/nixos-container.pl32
2 files changed, 28 insertions, 11 deletions
diff --git a/nixos/doc/manual/administration/imperative-containers.xml b/nixos/doc/manual/administration/imperative-containers.xml
index 9bb62bc2ece..7ded0c11786 100644
--- a/nixos/doc/manual/administration/imperative-containers.xml
+++ b/nixos/doc/manual/administration/imperative-containers.xml
@@ -30,6 +30,13 @@
   <link linkend="opt-users.users._name__.openssh.authorizedKeys.keys">users.users.root.openssh.authorizedKeys.keys</link> = ["ssh-dss AAAAB3N…"];
 '
 </screen>
+  By default the next free address in the <literal>10.233.0.0/16</literal> subnet will be chosen
+  as container IP. This behavior can be altered by setting <literal>--host-address</literal> and
+  <literal>--local-address</literal>:
+<screen>
+# nixos-container create test --config-file test-container.nix \
+    --local-address 10.235.1.2 --host-address 10.235.1.1
+</screen>
  </para>
 
  <para>
diff --git a/pkgs/tools/virtualization/nixos-container/nixos-container.pl b/pkgs/tools/virtualization/nixos-container/nixos-container.pl
index a210a65f431..b5ceb522e23 100755
--- a/pkgs/tools/virtualization/nixos-container/nixos-container.pl
+++ b/pkgs/tools/virtualization/nixos-container/nixos-container.pl
@@ -23,7 +23,7 @@ $ENV{"NIXOS_CONFIG"} = "";
 sub showHelp {
     print <<EOF;
 Usage: nixos-container list
-       nixos-container create <container-name> [--nixos-path <path>] [--system-path <path>] [--config-file <path>] [--config <string>] [--ensure-unique-name] [--auto-start] [--bridge <iface>] [--port <port>]
+       nixos-container create <container-name> [--nixos-path <path>] [--system-path <path>] [--config-file <path>] [--config <string>] [--ensure-unique-name] [--auto-start] [--bridge <iface>] [--port <port>] [--host-address <string>] [--local-address <string>]
        nixos-container destroy <container-name>
        nixos-container start <container-name>
        nixos-container stop <container-name>
@@ -48,6 +48,8 @@ my $port;
 my $extraConfig;
 my $signal;
 my $configFile;
+my $hostAddress;
+my $localAddress;
 
 GetOptions(
     "help" => sub { showHelp() },
@@ -59,9 +61,15 @@ GetOptions(
     "signal=s" => \$signal,
     "nixos-path=s" => \$nixosPath,
     "config=s" => \$extraConfig,
-    "config-file=s" => \$configFile
+    "config-file=s" => \$configFile,
+    "host-address=s" => \$hostAddress,
+    "local-address=s" => \$localAddress,
     ) or exit 1;
 
+if (defined $hostAddress and !defined $localAddress or defined $localAddress and !defined $hostAddress) {
+    die "With --host-address set, --local-address is required as well!";
+}
+
 my $action = $ARGV[0] or die "$0: no action specified\n";
 
 if (defined $configFile and defined $extraConfig) {
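Review bot: The values of `--host-address` and `--local-address` are taken as free-form strings (`=s`) and only checked for being given together, so anything that is not an IPv4 address passes through unchecked. The used-address scan in the create branch matches `LOCAL_ADDRESS=([0-9\.]+)`, which suggests these values end up as lines in the container's conf file (the write itself is outside this hunk); a value containing whitespace, a newline or shell metacharacters would then land in that file, and a non-numeric one would be invisible to the scan on later runs. I would validate both right after the pairing check, e.g. `for my $addr ($hostAddress, $localAddress) { die "$0: invalid IPv4 address '$addr'\n" if defined $addr and $addr !~ /\A(?:[0-9]{1,3}\.){3}[0-9]{1,3}\z/; }`. The pairing `die` also reads one-directionally and lacks the `$0:` prefix and trailing newline the other messages use; `die "$0: --host-address and --local-address must be given together\n";` would cover both cases.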
@@ -149,16 +157,18 @@ if ($action eq "create") {
         $usedIPs{$1} = 1 if $s =~ /^LOCAL_ADDRESS=([0-9\.]+)$/m;
     }
 
-    my ($ipPrefix, $hostAddress, $localAddress);
-    for (my $nr = 1; $nr < 255; $nr++) {
-        $ipPrefix = "10.233.$nr";
-        $hostAddress = "$ipPrefix.1";
-        $localAddress = "$ipPrefix.2";
-        last unless $usedIPs{$hostAddress} || $usedIPs{$localAddress};
-        $ipPrefix = undef;
-    }
+    unless (defined $hostAddress) {
+        my $ipPrefix;
+        for (my $nr = 1; $nr < 255; $nr++) {
+            $ipPrefix = "10.233.$nr";
+            $hostAddress = "$ipPrefix.1";
+            $localAddress = "$ipPrefix.2";
+            last unless $usedIPs{$hostAddress} || $usedIPs{$localAddress};
+            $ipPrefix = undef;
+        }
 
-    die "$0: out of IP addresses\n" unless defined $ipPrefix;
+        die "$0: out of IP addresses\n" unless defined $ipPrefix;
+    }
 
     my @conf;
     push @conf, "PRIVATE_NETWORK=1\n";
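Review bot: An explicitly supplied address pair skips the `%usedIPs` check entirely, because the collision test now lives only inside the `unless (defined $hostAddress)` branch. Creating a second container with the same `--local-address` or `--host-address` as an existing one would therefore succeed and leave two containers claiming the same address. An `else` branch such as `else { die "$0: address already in use by another container\n" if $usedIPs{$hostAddress} || $usedIPs{$localAddress}; }` keeps the guarantee on both paths. The surrounding `if ($action eq "create")` block starts and ends outside this hunk, so how `%usedIPs` is filled for host addresses is not visible here.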