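#!/bin/bash
# Enter (creating on first use) a rootless network namespace named ENVNAME.
#
# Usage: <script> ENVNAME [LAST_OCTET]
#
# One background "holder" process owns a user+mount+net namespace set and
# keeps it alive. Its PID is stored in .fleck-lock, which is also the flock(1)
# lock file. Each invocation joins the holder with nsenter, makes sure the
# fleck-br bridge and the per-environment netns exist, then execs an
# interactive shell inside that netns.
#
# .fleck-lock and .fleck-ns are resolved relative to the current directory and
# the PID read back from .fleck-lock decides which process nsenter joins, so
# run this only from a directory that other users cannot write to.

ENVNAME=${1:-}
LAST_OCTET=${2:-} # accepted on the command line; nothing below reads it

# ENVNAME is expanded unquoted into the here-document script, a grep pattern
# and a `bash -c` command string further down, so anything outside a strict
# allow-list would be parsed as shell syntax or regex. Reject it up front.
if [[ ! $ENVNAME =~ ^[A-Za-z0-9][A-Za-z0-9_-]*$ ]]; then
  printf 'usage: %s ENVNAME [LAST_OCTET]\n' "${0##*/}" >&2
  printf 'ENVNAME must match [A-Za-z0-9][A-Za-z0-9_-]*\n' >&2
  exit 2
fi

# "$ENVNAME-inner" becomes an interface name, and Linux limits those to 15
# characters. Failing here avoids a netns that was added but never wired up
# (later runs would see it in `ip netns list` and skip the setup).
if ((${#ENVNAME} > 9)); then
  printf 'ENVNAME must be at most 9 characters (interface name limit)\n' >&2
  exit 2
fi

# Derive 10.0.X.Y from the first six hex digits of md5(ENVNAME + newline):
# X is digits 1-2, Y is digits 5-6. md5 only spreads names over the range.
# The previous `echo $HASH | tail -c 2` returned one hex digit plus the
# newline, which capped Y at 15.
# NOTE(review): nothing detects two environments hashing to the same address,
# nor the .0.0 / .255.255 addresses of the /16 - confirm that is acceptable.
HASH=$(printf '%s\n' "$ENVNAME" | md5sum | head -c 6)
IP_OCTET_3=$((16#${HASH:0:2}))
IP_OCTET_4=$((16#${HASH:4:2}))
IP_ADDR=10.0.$IP_OCTET_3.$IP_OCTET_4

# create root ns holder
# flock -n fails straight away when a holder already owns the lock; in that
# case the existing PID in .fleck-lock is reused. A new holder records its own
# PID ($$ survives the exec chain), clears netns entries left by a previous
# holder, bind-mounts .fleck-ns over /run and then sleeps forever.
touch .fleck-lock
mkdir -p .fleck-ns
flock -Fn .fleck-lock -c 'exec unshare -mrnU sh -c "echo $$ > .fleck-lock; rm .fleck-ns/netns/*; mount --bind .fleck-ns /run; exec sleep infinity"' &

# Wait for a usable holder PID instead of trusting one fixed sleep: the file
# may still be empty, or hold the PID of a holder that has since died.
# NOTE(review): the PID is written before the bind mount, so a small window
# remains in which the holder exists but /run is not yet redirected.
ROOT_PID=
for _ in {1..50}; do
  sleep .1
  candidate=$(cat .fleck-lock 2>/dev/null)
  if [[ $candidate =~ ^[0-9]+$ && -d /proc/$candidate ]]; then
    ROOT_PID=$candidate
    break
  fi
done
if [[ -z $ROOT_PID ]]; then
  printf 'no live namespace holder PID found in .fleck-lock\n' >&2
  exit 1
fi

# The here-document is expanded by THIS shell before the inner bash reads it:
# $ENVNAME and $IP_ADDR are substituted here, while \$1 reaches awk intact.
nsenter --preserve-credentials -U -m -n -t "$ROOT_PID" bash -x <<ROOT_NS
# do initial setup?
grep fleck-br <(ip link list) > /dev/null || (
ip link set lo up
ip link add name fleck-br type bridge
ip link set dev fleck-br up
)
# set up namespace?
grep ^$ENVNAME$ <(ip netns list | awk '{print \$1}') > /dev/null || (
ip netns add $ENVNAME > /dev/null
ip link add $ENVNAME-root type veth peer name $ENVNAME-inner netns $ENVNAME
ip link set $ENVNAME-root up
ip link set $ENVNAME-root master fleck-br
ip netns exec $ENVNAME ip link set up lo
ip netns exec $ENVNAME ip link set up $ENVNAME-inner
ip netns exec $ENVNAME ip addr add $IP_ADDR/16 dev $ENVNAME-inner
ip netns exec $ENVNAME ip route add 224.0.0.0/4 dev $ENVNAME-inner
)
ROOT_NS

# give a shell
# $SHELL comes from the caller's environment and is word-split inside the
# command string; ENVNAME was validated above.
exec nsenter -w --preserve-credentials -U -m -n -t "$ROOT_PID" bash -i -c "DEBIAN_CHROOT=$ENVNAME ip netns exec $ENVNAME unshare --map-user=1024 $SHELL"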