#!/bin/sh # Copyright (C) 2008,2009 Citrix Systems, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU Lesser General Public License as published # by the Free Software Foundation; version 2.1 only. with the special # exception on linking described in file LICENSE. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Lesser General Public License for more details. # CA-23900: Warning: when VIFs are added to windows guests with PV drivers the backend vif device is registered, # unregistered and then registered again. This causes the udev event to fire twice and this script runs twice. # Since the first invocation of the script races with the device unregistration, spurious errors are possible # which will be logged but are safe to ignore since the second script invocation should complete the operation. # Note that each script invocation is run synchronously from udev and so the scripts don't race with each other. # Keep other-config/ keys in sync with device.ml:vif_udev_keys BRCTL="/usr/sbin/brctl" IP="/sbin/ip" vsctl="/usr/bin/ovs-vsctl" # XAPI before build 29381 (approximately) did not provide some of the # data in XenStore that we rely on. . /etc/xensource-inventory if test "$PRODUCT_VERSION" = "5.5.0" || test "${BUILD_NUMBER%[a-z]}" -le 26131 then xs550=true else xs550=false fi handle_promiscuous() { local arg=$(xenstore-read "${PRIVATE}/other-config/promiscuous" 2>/dev/null) if [ $? -eq 0 -a -n "${arg}" ] ; then case $NETWORK_MODE in bridge) case "${arg}" in true|on) echo 1 > /sys/class/net/${dev}/brport/promisc ;; *) echo 0 > /sys/class/net/${dev}/brport/promisc ;; esac ;; openvswitch) logger -t script-vif "${dev}: Promiscuous ports are not supported via Open vSwitch." ;; esac fi } handle_ethtool() { local opt=$1 local arg=$(xenstore-read "${PRIVATE}/other-config/ethtool-${opt}" 2>/dev/null) if [ $? -eq 0 -a -n "${arg}" ] ; then case "${arg}" in true|on) /sbin/ethtool -K "${dev}" "${opt}" on ;; false|off) /sbin/ethtool -K "${dev}" "${opt}" off ;; *) logger -t scripts-vif "Unknown ethtool argument ${opt}=${arg} on ${dev}/${VIFUUID}" ;; esac fi } handle_mtu() { local mtu=$(xenstore-read "${PRIVATE}/MTU" 2>/dev/null) if [ $? -eq 0 -a -n "${mtu}" ]; then logger -t scripts-vif "Setting ${dev} MTU ${mtu}" ${IP} link set "${dev}" mtu ${mtu} || logger -t scripts-vif "Failed to ip link set ${dev} mtu ${mtu}. Error code $?" fi } set_vif_external_id() { local key=$1 local value=$2 logger -t scripts-vif "vif${DOMID}.${DEVID} external-ids:\"${key}\"=\"${value}\"" echo "-- set interface vif${DOMID}.${DEVID} external-ids:\"${key}\"=\"${value}\"" } handle_vswitch_vif_details() { local vm=$(xenstore-read "/local/domain/$DOMID/vm" 2>/dev/null) if [ $? -eq 0 -a -n "${vm}" ] ; then local vm_uuid=$(xenstore-read "$vm/uuid" 2>/dev/null) fi if [ -n "${vm_uuid}" ] ; then set_vif_external_id "xs-vm-uuid" "${vm_uuid}" fi local vif_uuid=$(xenstore-read "${PRIVATE}/vif-uuid" 2>/dev/null) if $xs550 && [ -z "${vif_uuid}" ] && [ -n "${vm_uuid}" ]; then vif_uuid=$(xe vif-list --minimal vm-uuid="${vm_uuid}" device=$DEVID) fi if [ -n "${vif_uuid}" ] ; then set_vif_external_id "xs-vif-uuid" "${vif_uuid}" fi local vif_details= local net_uuid=$(xenstore-read "${PRIVATE}/network-uuid" 2>/dev/null) if $xs550 && [ -z "${net_uuid}" ] && [ -n "${vif_uuid}" ]; then net_uuid=$(xe vif-param-get uuid="${vif_uuid}" param-name=network-uuid) fi if [ -n "${net_uuid}" ] ; then set_vif_external_id "xs-network-uuid" "${net_uuid}" fi local address=$(xenstore-read "/local/domain/$DOMID/device/vif/$DEVID/mac" 2>/dev/null) if [ -n "${address}" ] ; then set_vif_external_id "xs-vif-mac" "${address}" fi if $xs550; then # vNetManager needs to know the network UUID(s) associated with each # datapath. Normally interface-reconfigure adds them, but XAPI does # not use interface-reconfigure for internal networks. Instead, XAPI # calls the addbr ioctl internally, so we have to do it here instead # for internal networks. This is only acceptable because xapi is lazy # about creating internal networks: it only creates one just before it # adds the first vif to it. There may still be a brief delay between # the initial ovs-vswitchd connection to vNetManager and setting this # configuration variable, but vNetManager can tolerate that. local bridge=$1 if [ -n "${net_uuid}" ] ; then logger -t scripts-vif "${bridge} xs-network-uuids ${net_uuid}" echo "-- br-set-external-id $bridge xs-network-uuids ${net_uuid}" fi fi } add_to_bridge() { local address=$(xenstore-read "${PRIVATE}/bridge-MAC") if [ $? -ne 0 -o -z "${address}" ]; then logger -t scripts-vif "Failed to read ${PRIVATE}/bridge-MAC from xenstore" exit 1 fi local bridge=$(xenstore-read "${PRIVATE}/bridge") if [ $? -ne 0 -o -z "${bridge}" ]; then logger -t scripts-vif "Failed to read ${PRIVATE}/bridge from xenstore" exit 1 fi logger -t scripts-vif "Adding ${dev} to ${bridge} with address ${address}" ${IP} link set "${dev}" down || logger -t scripts-vif "Failed to ip link set ${dev} down" ${IP} link set "${dev}" arp off || logger -t scripts-vif "Failed to ip link set ${dev} arp off" ${IP} link set "${dev}" multicast off || logger -t scripts-vif "Failed to ip link set ${dev} multicast off" ${IP} link set "${dev}" address "${address}" || logger -t scripts-vif "Failed to ip link set ${dev} address ${address}" ${IP} addr flush "${dev}" || logger -t scripts-vif "Failed to ip addr flush ${dev}" case $NETWORK_MODE in bridge) ${BRCTL} setfd "${bridge}" 0 || logger -t scripts-vif "Failed to brctl setfd ${bridge} 0" ${BRCTL} addif "${bridge}" "${dev}" || logger -t scripts-vif "Failed to brctl addif ${bridge} ${dev}" ;; openvswitch) if [ "$TYPE" = "vif" ] ; then local vif_details=$(handle_vswitch_vif_details $bridge) fi $vsctl -- --if-exists del-port $dev -- add-port $bridge $dev $vif_details ;; esac ${IP} link set "${dev}" up || logger -t scripts-vif "Failed to ip link set ${dev} up" } remove_from_bridge() { case $NETWORK_MODE in bridge) # Nothing to do ;; openvswitch) # If ovs-brcompatd is running, it might already have deleted the # port. Use --if-exists to suppress the error that would otherwise # arise in that case. $vsctl -- --if-exists del-port $dev ;; esac } NETWORK_MODE=$(cat /etc/xensource/network.conf) ACTION=$1 # Older versions of XenServer do not pass in the type as an argument if [[ $# -lt 2 ]]; then TYPE=vif else TYPE=$2 fi case $NETWORK_MODE in bridge|openvswitch) ;; vswitch) NETWORK_MODE=openvswitch ;; *) logger -t scripts-vif "Unknown network mode $NETWORK_MODE" exit 1 ;; esac case ${TYPE} in vif) DOMID=`echo ${XENBUS_PATH} | cut -f 3 -d '/'` DEVID=`echo ${XENBUS_PATH} | cut -f 4 -d '/'` dev=vif${DOMID}.${DEVID} ;; tap) dev=$INTERFACE DOMID=`echo ${dev#tap} | cut -f 1 -d '.'` DEVID=`echo ${dev#tap} | cut -f 2 -d '.'` ;; *) logger -t scripts-vif "unknown interface type ${TYPE}" exit 1 ;; esac XAPI=/xapi/${DOMID}/hotplug/vif/${DEVID} HOTPLUG=/xapi/${DOMID}/hotplug/vif/${DEVID} PRIVATE=/xapi/${DOMID}/private/vif/${DEVID} logger -t scripts-vif "Called as \"$@\" domid:$DOMID devid:$DEVID mode:$NETWORK_MODE" case "${ACTION}" in online) if [ "${TYPE}" = "vif" ] ; then handle_ethtool rx handle_ethtool tx handle_ethtool sg handle_ethtool tso handle_ethtool ufo handle_ethtool gso handle_mtu add_to_bridge handle_promiscuous xenstore-write "${HOTPLUG}/vif" "${dev}" xenstore-write "${HOTPLUG}/hotplug" "online" # xs-xen.pq.hq:91e986b8e49f netback-wait-for-hotplug xenstore-write "/local/domain/0/backend/vif/${DOMID}/${DEVID}/hotplug-status" "connected" fi ;; add) if [ "${TYPE}" = "tap" ] ; then add_to_bridge fi ;; remove) if [ "${TYPE}" = "vif" ] ;then xenstore-rm "${HOTPLUG}/hotplug" fi logger -t scripts-vif "${dev} has been removed" remove_from_bridge ;; esac