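# Two

This project is Two, implemented in bash as a first step.

## Prepare kvm

```bash
# Package notes (a comment after a trailing "\" ends the command early,
# so the notes live here instead of inline):
#   ebtables                          - ARP filtering
#   qemu-system qemu-utils qemu-kvm   - qemu install
#   genisoimage                       - cloud-init seed file
#   bridge-utils                      - bridge management (brctl)
apt-get install -y \
  vim \
  htop \
  socat \
  ebtables \
  qemu-system qemu-utils qemu-kvm \
  genisoimage \
  curl \
  whois \
  tcpdump \
  bridge-utils
```

## Useful commands and info

```bash
ebtables -L --Lc
socat -,raw,echo=0 unix-connect:/tmp/vm-monitor.sock
```

> Note: the socket path above must match the `-monitor unix:...` path given to
> qemu (the qemu examples below use `/tmp/i-0343234.mon-sock`).

```
root@lab1:~/vm# cat /etc/systemd/system/dnsmasq@.service
[Unit]
Description=dnsmasq in netns %i
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/run-dnsmasq-in-netns.sh %i
ExecStopPost=/bin/rm -f /run/dnsmasq-%i.pid

[Install]
WantedBy=multi-user.target
```

The script below is presumably `/usr/local/bin/run-dnsmasq-in-netns.sh`, the
`ExecStart` target of the unit above:

```bash
#!/bin/bash
# Run dnsmasq in the foreground inside a network namespace, bound to one bridge.
# Expects one argument: netns_bridge (e.g. vpc-00003_br-00002 or vpc1_br0)
set -euo pipefail

arg="${1:-}"

# $arg is interpolated into the pid, config and log paths below, so accept only
# "<netns>_<bridge>" built from plain name characters (no "/" or whitespace).
if [[ ! "$arg" =~ ^[A-Za-z0-9.-]+_[A-Za-z0-9._-]+$ ]]; then
  echo "usage: ${0##*/} <netns>_<bridge>" >&2
  exit 2
fi

NETNS="${arg%%_*}"  # text before the first "_"
BRIDGE="${arg#*_}"  # text after the first "_"

echo "start ${NETNS} ${BRIDGE}"

# -p0 sets the DNS port to 0, which disables dnsmasq's DNS service.
# exec replaces this shell so systemd (Type=simple) tracks dnsmasq directly.
exec ip netns exec "$NETNS" \
  dnsmasq \
    --no-daemon \
    --interface="$BRIDGE" \
    --bind-interfaces \
    --pid-file="/run/dnsmasq-$arg.pid" \
    --conf-file="/etc/dnsmasq.d/$arg.conf" \
    --no-hosts \
    --no-resolv \
    --log-facility="/var/log/dnsmasq-$arg.log" \
    -p0
```

```
vm-1-toto:~# cat /etc/cloud/cloud.cfg.d/20_user.cfg
system_info:
  default_user:
    name: syonad
vm-1-toto:~# cat /etc/cloud/cloud.cfg.d/99_metadata.cfg
datasource_list: [ NoCloud ]
datasource:
  NoCloud:
    seedfrom: 'http://169.254.169.254:80'
    timeout: 5
    max_wait: 10
```

> Note: `seedfrom` is plain HTTP, so the guest applies whatever user-data the
> host answering for 169.254.169.254 returns. Make sure only the metadata
> service can claim that address on the VM's segment (presumably the purpose of
> the ebtables ARP filtering installed above).

```bash
qemu-system-x86_64 -enable-kvm -cpu host -m 512 \
  -smp 1 \
  -serial unix:/tmp/i-0343234.sock,server,nowait \
  -monitor unix:/tmp/i-0343234.mon-sock,server,nowait \
  -qmp unix:/tmp/i-0343234.qmp-sock,server,nowait \
  -drive file=/disk/vm-1.qcow2,if=virtio \
  -netdev tap,id=net0,ifname=tap6327775173,script=no,downscript=no \
  -device virtio-net-pci,netdev=net0,mac=00:22:33:00:00:0A \
  -display none -daemonize
```

```bash
qemu-system-x86_64 -enable-kvm -cpu host -m 512 \
  -smp 1 \
  -serial unix:/tmp/i-0343234.sock,server,nowait \
  -monitor unix:/tmp/i-0343234.mon-sock,server,nowait \
  -qmp unix:/tmp/i-0343234.qmp-sock,server,nowait \
  -drive file=/disk/vm-2.qcow2,if=virtio \
  -drive file=/disk/tmp.qcow2,if=virtio \
  -drive file=/disk/root.qcow2,if=virtio \
  -netdev tap,id=net0,ifname=tap9102959250,script=no,downscript=no \
  -device virtio-net-pci,netdev=net0,mac=00:22:33:00:00:0A \
  -display none -daemonize \
  -drive file=./seed/seed.iso,media=cdrom,if=ide
```

> Note: anyone who can connect to the monitor or QMP socket controls the VM,
> and the serial socket is its console. `/tmp` is world-writable, so for
> anything beyond a lab create these sockets in a directory only the qemu user
> can access (e.g. `/run/<vm-socket-dir>/`, placeholder).
>
> Both examples reuse the same socket paths and the same MAC address
> (`00:22:33:00:00:0A`); give each VM its own values before running them side
> by side.

Add a public IP:

```bash
brctl addbr br-public
brctl stp "br-public" off
ip link add "veth-public-ext" type veth peer name "veth-public-int" netns "vpc-00003"
ip netns exec "vpc-00003" brctl addbr "br-public"
ip netns exec "vpc-00003" brctl stp "br-public" off
brctl addif "br-public" "veth-public-ext"
ip netns exec "vpc-00003" brctl addif "br-public" "veth-public-int"
ip link set up dev "veth-public-ext"
ip link set up dev "br-public"
ip -n "vpc-00003" link set up dev "veth-public-int"
ip -n "vpc-00003" link set up dev "br-public"
ip link add link eno1 name macvlan0 type macvlan mode bridge
```

```
# nat-table rules in iptables-save syntax; to apply one by hand, prefix it with
# "iptables -t nat" in the namespace that does the translation.
-A PREROUTING -d 192.168.15.2/32 -j DNAT --to-destination 192.168.20.10
-A POSTROUTING -s 192.168.20.10/32 -o br-public -j MASQUERADE
```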