[WIP] [Spike] gvforwarder as a systemd service

vyasgun · vyasgun · commit 7eff160afa84 · 2025-01-21T12:31:44.000+05:30
diff --git a/createdisk.sh b/createdisk.sh
@@ -97,10 +97,34 @@ if podman manifest inspect quay.io/crcont/routes-controller:${OPENSHIFT_VERSION}
     image_tag=${OPENSHIFT_VERSION}
 fi
 
+# create the tap device interface with specified mac address
+# this mac address is used to allocate a specific IP to the VM
+# when tap device is in use.
+${SSH} core@${VM_IP} 'sudo bash -x -s' <<EOF
+  nmcli connection add type tun ifname tap0 con-name tap0 mode tap autoconnect yes 802-3-ethernet.cloned-mac-address 5A:94:EF:E4:0C:EE
+EOF
+
+
 # Add gvisor-tap-vsock service
 ${SSH} core@${VM_IP} 'sudo bash -x -s' <<EOF
-  podman create --name=gvisor-tap-vsock --privileged --net=host -v /etc/resolv.conf:/etc/resolv.conf -it quay.io/crcont/gvisor-tap-vsock:latest
-  podman generate systemd --restart-policy=no gvisor-tap-vsock > /etc/systemd/system/gvisor-tap-vsock.service
+  podman create --name=gvisor-tap-vsock quay.io/crcont/gvisor-tap-vsock:latest
+  podman cp gvisor-tap-vsock:/vm /usr/local/bin/
+  podman rm gvisor-tap-vsock
+  tee /etc/systemd/system/gvisor-tap-vsock.service <<ETE
+  [Unit]
+  Description=gvisor-tap-vsock traffic forwarder
+  Wants=network-online.target
+  After=network-online.target
+
+  [Service]
+  Restart=on-failure
+  TimeoutStopSec=70
+  ExecStart=/usr/local/bin/vm -preexisting -debug
+
+  [Install]
+  WantedBy=default.target
+  ETE
+
   systemctl daemon-reload
   systemctl enable gvisor-tap-vsock.service
 EOF
