[systemd-devel] Setting up network interfaces for containers with --private-network
Lennart Poettering
lennart at poettering.net
Wed Apr 22 04:40:18 PDT 2015
On Tue, 21.04.15 15:22, Spencer Baugh (sbaugh at catern.com) wrote:
> > Also, trivial static IP configuration is seldom sufficient, you at
> > least need to also provide DNS configuration, and if you don't use
> > DHCP or something similar then you need to configure that inside the
> > container anyway. But if you do that you might as well configure the
> > static IP addresses in it too, so what is gained by doing this from a
> > networkd outside of the cotnainer?
> >
> >> Or am I misunderstanding the role of networkd? It seems like if I am
> >> writing a service that represents "the network interface and namespace
> >> for this container", I am doing something that networkd should
> >> ultimately do.
> >
> > Sure, absolutely. But our idea so far was that networkd should run
> > inside the container to configure the container's network, and on the
> > host to configure the host's network, but not to cross this boundary
> > and have the host networkd configure the container's network.
>
> Hmm, yes, but I think the problem is the configuration done at
> interface-creation-time. It seems to me that that configuration
> currently does not fit naturally in either the host networkd or the
> container networkd.
Well, again, I doubt that configuration exclusivel at
interface-creation-time will be useful for more than the most trivial
cases, already because as mentioned it would not cover DNS server
configuration and thelike.
I am a bit careful with supporting something like this directly in
nspawn if it cannot even cover the most basic cases...
If you really want fixed IP addresses, I think this could work:
We add configurability for the DHCP server address range in networkd,
including taking ranges that contain a single IP address. You could
then assign fixed addresses to your containers simply by dropping a
.network snippet for them, that only contains a single dhcp range IP
address for it. THat should work, no?
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list