Network support for socket CAN

[Shannon Barber]

I know this is a bit of a long-shot but maybe there are some others with similar use-cases.
Right now Proxmox has integrated support for virtual-eth networking to containers and it works well.
I really want to be able to add interfaces to a container for network devices other than Ethernet, namely CAN for our use-case.
(Kernel support is provided via vxcan not vcan, there's a naming discrepancy in the kernel between the eth and can interface drivers.)

Alternatively, are there existing hooks we can use to trigger a script to run when a container is started?
We have scripts that will set-up the bridge between host devices and containers. If we could get it called with some environment variables set telling us all the information about the container and it's network, e.g. container ID and nsid, then we could just hook up our script.

For reference

# vxcan pair
candev=${1-can0}
vmid=${2-100}
nsid_cont=$(ip link show veth${vmid}i0 | grep link | awk -F'link-netnsid' '{ print $2 }')
ip link add $candev-vx${vmid} link-netnsid ${nsid_cont} type vxcan peer name vx$candev link-netnsid 0
ip link set dev $candev-vx$vmid mtu 16
ip link set dev $candev-vx${vmid} up
# CAN bridge
cangw -A -s $candev -d $candev-vx${vmid}
cangw -A -d $candev -s $candev-vx${vmid}

 

[g.bnz]

Thanks Shannon.

Your script saved the day for me too - i.e. it works for me too.
One observation - "mtu 16" might not be suitable for CAN FD case.

And I agree - it would be better if the problem will be resolved at "Proxmox GUI level".

 

[Shannon Barber]

We have non-FD CAN which is why I went out of my way to set the MTU to 16.
it will default to 72 so you can just remove that part if you have FD.

There is a hook system in Proxmox so on container start-up you can call a script.

Put the script (or a symlink) in the /var/lib/vz/snippets/ directory then in the lxc config file add:
hookscript: local:snippets/vxcan_hook.sh

This only works when PVE starts the container.
If you go into the container and tell it to reboot then you'll lose the devices.
Maybe there's a way to hook that as well but we haven't found it yet.

#!/bin/bash

set -xume

modprobe can
modprobe can-raw
modprobe can-gw

vmid="$1"
phase="$2"

LOG=~/vxcan.log
printf "%s %s\n" "$0" "$@" >>${LOG}


wait() {
    #vmid=${1-101}
    while ! pct status "${vmid}" | grep running 1>/dev/null; do
        sleep 1;
    done
}

add() {
    candev=${1-can0}
    vmid=${2-101}
    candev_cont=${3-can0}
    candev_index=${4-0}
    wait "${vmid}"
    nsid_cont=$(ip link show "veth${vmid}i0" | grep link | awk -F'link-netnsid' '{ print $2 }')
    ip link add "vxcan${vmid}i${candev_index}_host" link-netnsid "${nsid_cont}" type vxcan peer name ${candev_cont} link-netnsid 0 >>${LOG}
    ip link set up "vxcan${vmid}i${candev_index}_host" >>${LOG}
    cangw -A -s "$candev" -d "vxcan${vmid}i${candev_index}_host" >>${LOG}
    cangw -A -d "$candev" -s "vxcan${vmid}i${candev_index}_host" >>${LOG}
}

del() {
    candev=${1-can0}
    vmid=${2-101}
    candev_index=${3-0}
    nsid_cont=$(ip link show "veth${vmid}i0" | grep link | awk -F'link-netnsid' '{ print $2 }') >>${LOG}
    cangw -D -d can1 -s "vxcan${vmid}i${candev_index}_host" >>${LOG} || true
    cangw -D -s can1 -d "vxcan${vmid}i${candev_index}_host" >>${LOG} || true
    ip link del "vxcan${vmid}i${candev_index}_host" >>${LOG} || true
}

if [[ "$phase" == 'post-start' ]]
then
      add can0 "${vmid}" can0 0
      add can1 "${vmid}" can1 1
fi