fabiand/qemu-pod.yaml

## qemu-pod.yaml
apiVersioin: v1
kind: Pod
metadata:
  name: qemu
spec:
  securityContext:
    runAsUser: 0
  volumes:
      - name: host-dev
        hostPath:
          path: /dev
      - name: host-sys
        hostPath:
          path: /sys
  containers:
  - name: libvirtd
    image: kubevirt/libvirt-kubevirt:v0.0.2
    imagePullPolicy: IfNotPresent
    securityContext:
      privileged: true
      runAsUser: 0
    volumeMounts:
      - mountPath: /host-dev
        name: host-dev
      - mountPath: /host-sys
        name: host-sys
    command: ["/usr/bin/sleep", "inf"]
    command1: |
      # Plain SLIRP, forwarding port 80
      qemu-system-x86_64 -nographic -drive file=iscsi://iscsi-demo-target.default/iqn.2017-01.io.kubevirt:sn.42/2 -net user,hostname=$(hostname),hostfwd=tcp:0.0.0.0:80-:80 -net nic

      # in guest
      # udhcpc
      # while true; do { echo -e 'HTTP/1.1 200 OK\r\n'; date; } | nc -l -p 80; done
    command2: |
      # Like slirp, just with TAP and the required additional stuff (with SLIRP it's built-in)
      #
      # Bridge for dhcp
      ip l add name br0 type bridge
      ip a add 192.168.169.254 dev br0
      ip l set dev br0 up

      # Setup dhcp
      dnsmasq --strict-order --except-interface=lo --interface=br0 --listen-address=192.168.169.254 --bind-interfaces --dhcp-range=192.168.169.1,192.168.169.1 --conf-file="" -d --dhcp-host=52:54:00:12:34:44,192.168.169.1,$(hostname) &

      # Allow guest -> world -- using nat
      sysctl -w net.ipv4.ip_forward=1
      iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

      # Allow port -> quest -- using tcp proxy
      cat > tcp.cfg <<EOF
      defaults
        mode                    tcp
      frontend main
        bind *:80
        default_backend guest
      backend guest
        server guest 192.168.169.1:80 maxconn 2048
      EOF
      haproxy -f tcp.cfg -d &

      (sleep 2 ; ip l set dev tap0 up ; ) &
      qemu-system-x86_64 -smp 4 -nographic -drive file=iscsi://iscsi-demo-target.default/iqn.2017-01.io.kubevirt:sn.42/2,copy-on-read=on -net tap,ifname=tap0,script=no,downscript=0 -net nic,macaddr=52:54:00:12:34:44

      # in guest
      # udhcpc
      # ## dont run: ifconfig eth0 192.168.169.1 netmask 255.255.255.0 up ; ip route add default via 192.168.169.1
      # while true; do { echo -e 'HTTP/1.1 200 OK\r\n'; date; } | nc -l -p 80; done
	apiVersioin: v1
	kind: Pod
	metadata:
	name: qemu
	spec:
	securityContext:
	runAsUser: 0
	volumes:
	- name: host-dev
	hostPath:
	path: /dev
	- name: host-sys
	hostPath:
	path: /sys
	containers:
	- name: libvirtd
	image: kubevirt/libvirt-kubevirt:v0.0.2
	imagePullPolicy: IfNotPresent
	securityContext:
	privileged: true
	runAsUser: 0
	volumeMounts:
	- mountPath: /host-dev
	name: host-dev
	- mountPath: /host-sys
	name: host-sys
	command: ["/usr/bin/sleep", "inf"]
	command1: \|
	# Plain SLIRP, forwarding port 80
	qemu-system-x86_64 -nographic -drive file=iscsi://iscsi-demo-target.default/iqn.2017-01.io.kubevirt:sn.42/2 -net user,hostname=$(hostname),hostfwd=tcp:0.0.0.0:80-:80 -net nic

	# in guest
	# udhcpc
	# while true; do { echo -e 'HTTP/1.1 200 OK\r\n'; date; } \| nc -l -p 80; done
	command2: \|
	# Like slirp, just with TAP and the required additional stuff (with SLIRP it's built-in)
	#
	# Bridge for dhcp
	ip l add name br0 type bridge
	ip a add 192.168.169.254 dev br0
	ip l set dev br0 up

	# Setup dhcp
	dnsmasq --strict-order --except-interface=lo --interface=br0 --listen-address=192.168.169.254 --bind-interfaces --dhcp-range=192.168.169.1,192.168.169.1 --conf-file="" -d --dhcp-host=52:54:00:12:34:44,192.168.169.1,$(hostname) &

	# Allow guest -> world -- using nat
	sysctl -w net.ipv4.ip_forward=1
	iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

	# Allow port -> quest -- using tcp proxy
	cat > tcp.cfg <<EOF
	defaults
	mode tcp
	frontend main
	bind *:80
	default_backend guest
	backend guest
	server guest 192.168.169.1:80 maxconn 2048
	EOF
	haproxy -f tcp.cfg -d &

	(sleep 2 ; ip l set dev tap0 up ; ) &
	qemu-system-x86_64 -smp 4 -nographic -drive file=iscsi://iscsi-demo-target.default/iqn.2017-01.io.kubevirt:sn.42/2,copy-on-read=on -net tap,ifname=tap0,script=no,downscript=0 -net nic,macaddr=52:54:00:12:34:44

	# in guest
	# udhcpc
	# ## dont run: ifconfig eth0 192.168.169.1 netmask 255.255.255.0 up ; ip route add default via 192.168.169.1
	# while true; do { echo -e 'HTTP/1.1 200 OK\r\n'; date; } \| nc -l -p 80; done