[systemd-devel] Systemd-nspawn -- Canot add interface to container

James Lott james at lottspot.com
Thu Sep 25 10:40:42 PDT 2014


Hi Mantas,

Thanks for the clarification. The first thing I tried actually was using the PID 
of the systemd-nspawn instance, like so

[root at host01 lanvpn]# ps aux | grep -v grep | grep systemd-nspawn 
root       143  0.0  0.3   2884   728 ?        Ss   08:42   0:00 
/usr/bin/systemd-nspawn --network-bridge=switch1 -bD /home/proxy -M 0
root      4564  0.7  0.6   2884  1124 pts/3    S+   10:38   0:00 systemd-
nspawn --private-network
[root at host01 lanvpn]# iw phy phy0 set netns 4564

Upon re-attaching to the container, I didn't see the interface

[root at lanvpn ~]# ip l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode 
DEFAULT group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
[root at lanvpn ~]# iw list
[root at lanvpn ~]# 

I suppose at this point I'm probably using the iw interface incorrectly and 
should seek help from a more appropriate channel to address that?

On Thursday 25 September 2014 20:11:56 Mantas Mikulėnas wrote:
> On Thu, Sep 25, 2014 at 7:49 PM, James Lott <james at lottspot.com> wrote:
> > Hi Marcel,
> > 
> > Thanks for the help pointing that one out! With your guidance I was able
> > to
> > figure out that I'll need to run something like:
> > 
> > iw phy phy0 set netns <pid>
> > 
> > Unfortunately I'm having some trouble trying to figure out the network
> > namespace PID to assign the phy0 interface to. Although I definitely have
> > containers with private networking running, I can't view any information
> > about their network namespaces
> 
> Generally, using the PID of /any/ process in the container (e.g. the
> init) should work the same.
> 
> `ip netns` only shows "persistent" namespaces which were given a name
> using the same tool. Containers generally don't bother with that.



More information about the systemd-devel mailing list