[systemd-devel] Systemd-nspawn -- Canot add interface to container

James Lott james at lottspot.com
Sat Sep 27 02:33:47 PDT 2014 

Figured out that 'ip link set <device> netns <pid>' works much the same as 'iw phy <device> set netns <pid>', but I still can't seem to figure out what types of interfaces --network-interface will accept. If anyone happens to have a good example of how to use it, I would love to take a look at it.

> On Sep 26, 2014, at 4:28 PM, James Lott <james at lottspot.com> wrote:
> 
> Hello again!
> 
> Once again, thanks for all the help with getting my wireless interface moved 
> into the container! Now I just have one more interface I'm having trouble 
> with. I can't seem to move my ethernet interfaces into the container. I'm 
> getting the same error, so I presume it's for the same reason. I can find the 
> path to my physical devices in kernel space (they're both on a USB bus), but I 
> can't figure out what device name I should pass to systemd-nspawn (or what 
> other userspace program I could use to move one of the interfaces into a 
> container's namespace). Thanks in advance for any pointers!
> 
> [root at host01 lanvpn]# systemd-nspawn --network-interface=eth1       
> Spawning container lanvpn on /home/lanvpn.
> Press ^] three times within 1s to kill container.
> Failed to move interface eth1 to namespace: File exists
> [root at host01 lanvpn]# ls -lah /sys/class/net/ | egrep 'eth[0-1] '                                                                                                                                                
> lrwxrwxrwx  1 root root 0 Dec 31  1969 eth0 -> 
> ../../devices/platform/bcm2708_usb/usb1/1-1/1-1.1/1-1.1:1.0/net/eth0
> lrwxrwxrwx  1 root root 0 Dec 31  1969 eth1 -> 
> ../../devices/platform/bcm2708_usb/usb1/1-1/1-1.3/1-1.3.1/1-1.3.1:1.0/net/eth1
> 
>> On Thursday 25 September 2014 17:05:34 James Lott wrote:
>> Shame on me for not spending more time trying to figure this out before
>> responding. Please ignore my previous sad plea for help, I understand fully
>> now exactly what you're saying, and was able to successfully move the phy0
>> interface into my container.
>> 
>> At this point, my challenge is going to be coordinating the movement of this
>> interface within a service file, so I don't need to do it manually when
>> starting the container... but I suppose I can write an ExecStartPost script
>> which can manage this.
>> 
>> Thanks again for all your help!
>> 
>>> On Thursday 25 September 2014 16:25:02 James Lott wrote:
>>> Hi Zbyszek,
>>> 
>>> Thanks for all your help! This is a new concept to me though, as I have
>>> never tried to refer to a process inside of a container from outside of
>>> the
>>> container before (I did not realize this was possible). Since specifying
>>> PID 1 would obviously be referring to the host system's init process,
>>> would
>>> you be willing to give me an example that might help me understand how I
>>> can specify an in-container PID from the host system? Thanks again for
>>> taking the time to help me grasp all of this :)
>>> 
>>>> On Sep 25, 2014, at 2:10 PM, Zbigniew Jędrzejewski-Szmek
>> 
>> <zbyszek at in.waw.pl> wrote:
>>>>> On Thu, Sep 25, 2014 at 10:40:42AM -0700, James Lott wrote:
>>>>> Hi Mantas,
>>>>> 
>>>>> Thanks for the clarification. The first thing I tried actually was
>>>>> using
>>>>> the PID of the systemd-nspawn instance, like so
>>>>> 
>>>>> [root at host01 lanvpn]# ps aux | grep -v grep | grep systemd-nspawn
>>>>> root       143  0.0  0.3   2884   728 ?        Ss   08:42   0:00
>>>>> /usr/bin/systemd-nspawn --network-bridge=switch1 -bD /home/proxy -M 0
>>>>> root      4564  0.7  0.6   2884  1124 pts/3    S+   10:38   0:00
>>>>> systemd-
>>>>> nspawn --private-network
>>>>> [root at host01 lanvpn]# iw phy phy0 set netns 4564
>>>> 
>>>> systemd-nspawn is *outside* of the container. You should use the child
>>>> of
>>>> systemd-nspawn, i.e. the init process, instead.
>>>> 
>>>> Zbyszek
>>> 
>>> _______________________________________________
>>> systemd-devel mailing list
>>> systemd-devel at lists.freedesktop.org
>>> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>> 
>> _______________________________________________
>> systemd-devel mailing list
>> systemd-devel at lists.freedesktop.org
>> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> 
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel

More information about the systemd-devel mailing list