mirror of
https://github.com/ceph/ceph
synced 2025-01-04 10:12:30 +00:00
87 lines
2.3 KiB
Bash
87 lines
2.3 KiB
Bash
|
#!/usr/bin/env bash
|
||
|
|
||
|
set -ex
|
||
|
|
||
|
sudo ip netns add ns1
|
||
|
sudo ip link add veth1-ext type veth peer name veth1-int
|
||
|
sudo ip link set veth1-int netns ns1
|
||
|
|
||
|
sudo ip netns exec ns1 ip link set dev lo up
|
||
|
sudo ip netns exec ns1 ip addr add 192.168.1.2/24 dev veth1-int
|
||
|
sudo ip netns exec ns1 ip link set veth1-int up
|
||
|
sudo ip netns exec ns1 ip route add default via 192.168.1.1
|
||
|
|
||
|
sudo ip addr add 192.168.1.1/24 dev veth1-ext
|
||
|
sudo ip link set veth1-ext up
|
||
|
|
||
|
# Enable forwarding between the namespace and the default route
|
||
|
# interface and set up NAT. In case of multiple default routes,
|
||
|
# just pick the first one.
|
||
|
if [[ $(sysctl -n net.ipv4.ip_forward) -eq 0 ]]; then
|
||
|
sudo iptables -P FORWARD DROP
|
||
|
sudo sysctl -w net.ipv4.ip_forward=1
|
||
|
fi
|
||
|
IFACE="$(ip route list 0.0.0.0/0 | head -n 1 | cut -d ' ' -f 5)"
|
||
|
sudo iptables -A FORWARD -i veth1-ext -o "$IFACE" -j ACCEPT
|
||
|
sudo iptables -A FORWARD -i "$IFACE" -o veth1-ext -j ACCEPT
|
||
|
sudo iptables -t nat -A POSTROUTING -s 192.168.1.2 -o "$IFACE" -j MASQUERADE
|
||
|
|
||
|
rbd create --size 300 img
|
||
|
|
||
|
DEV="$(sudo rbd map img)"
|
||
|
mkfs.ext4 "$DEV"
|
||
|
sudo mount "$DEV" /mnt
|
||
|
sudo umount /mnt
|
||
|
sudo rbd unmap "$DEV"
|
||
|
|
||
|
sudo ip netns exec ns1 bash <<'EOF'
|
||
|
|
||
|
set -ex
|
||
|
|
||
|
DEV="/dev/rbd/rbd/img"
|
||
|
[[ ! -e "$DEV" ]]
|
||
|
|
||
|
# In a network namespace, "rbd map" maps the device and hangs waiting
|
||
|
# for udev add uevents. udev runs as usual (in particular creating the
|
||
|
# symlink which is used here because the device node is never printed),
|
||
|
# but the uevents it sends out never come because they don't cross
|
||
|
# network namespace boundaries.
|
||
|
set +e
|
||
|
timeout 30s rbd map img
|
||
|
RET=$?
|
||
|
set -e
|
||
|
[[ $RET -eq 124 ]]
|
||
|
[[ -L "$DEV" ]]
|
||
|
mkfs.ext4 -F "$DEV"
|
||
|
mount "$DEV" /mnt
|
||
|
umount /mnt
|
||
|
|
||
|
# In a network namespace, "rbd unmap" unmaps the device and hangs
|
||
|
# waiting for udev remove uevents. udev runs as usual (removing the
|
||
|
# symlink), but the uevents it sends out never come because they don't
|
||
|
# cross network namespace boundaries.
|
||
|
set +e
|
||
|
timeout 30s rbd unmap "$DEV"
|
||
|
RET=$?
|
||
|
set -e
|
||
|
[[ $RET -eq 124 ]]
|
||
|
[[ ! -e "$DEV" ]]
|
||
|
|
||
|
# Skip waiting for udev uevents with "-o noudev".
|
||
|
DEV="$(rbd map -o noudev img)"
|
||
|
mkfs.ext4 -F "$DEV"
|
||
|
mount "$DEV" /mnt
|
||
|
umount /mnt
|
||
|
rbd unmap -o noudev "$DEV"
|
||
|
|
||
|
EOF
|
||
|
|
||
|
rbd rm img
|
||
|
|
||
|
sudo iptables -t nat -D POSTROUTING -s 192.168.1.2 -o "$IFACE" -j MASQUERADE
|
||
|
sudo iptables -D FORWARD -i "$IFACE" -o veth1-ext -j ACCEPT
|
||
|
sudo iptables -D FORWARD -i veth1-ext -o "$IFACE" -j ACCEPT
|
||
|
sudo ip netns delete ns1
|
||
|
|
||
|
echo OK
|