[systemd-devel] Container, private network and socket activation

Lennart Poettering lennart at poettering.net
Tue Feb 3 04:24:27 PST 2015


On Tue, 03.02.15 02:36, Mikhail Morfikov (mmorfikov at gmail.com) wrote:

> So, everything works pretty well. 
> 
> Now there's a problem, how to add socket activation to this
> container?

Well, the sockets for socket activated containers are created on the
host's namespace, not the container's namespace. They are then passed
into the container namespace, but they still belong to the host's
namespace. This means to connect to them you must connect to one of
the host's IP addresses, not the container's IP addresses.

If the container's and host namespaces are identical (which is the
case if you don't use --private-network or any of the --network-xyz
switches), then the distinction goes away of course.

Also note that using socket activation for containers means that the
systemd instance inside the container also needs to have configuration
for the socket, to pass it on to the service that ultimately shall
answer for it. Are you sure that apache2 has support for that, and
that you set it up?

Lennart

-- 
Lennart Poettering, Red Hat
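
An added illustration of the last point in the message above (not part of the original message and not systemd's own code): the service that finally answers on an activated socket has to read LISTEN_PID and LISTEN_FDS and adopt the inherited descriptors, which start at fd 3. The function names and the `start` parameter are assumptions made for this example.

```python
import os
import socket
import stat

SD_LISTEN_FDS_START = 3  # first inherited descriptor, as in sd_listen_fds(3)


def listen_fds(environ, pid, start=SD_LISTEN_FDS_START):
    """Return the descriptors passed by the service manager, or [].

    LISTEN_PID / LISTEN_FDS only apply to the process whose PID equals
    LISTEN_PID; anything else must ignore them.
    """
    try:
        if int(environ["LISTEN_PID"]) != pid:
            return []          # meant for another process
        count = int(environ["LISTEN_FDS"])
    except (KeyError, ValueError):
        return []              # not socket activated, or malformed
    if count < 0:
        return []
    return list(range(start, start + count))


def is_socket(fd):
    """True only if fd is open and refers to a socket."""
    try:
        return stat.S_ISSOCK(os.fstat(fd).st_mode)
    except OSError:
        return False


def adopt(environ, pid, start=SD_LISTEN_FDS_START):
    """Wrap each inherited socket; refuse anything that is not a socket."""
    socks = []
    for fd in listen_fds(environ, pid, start):
        if not is_socket(fd):
            raise RuntimeError(f"fd {fd} is not a socket")
        socks.append(socket.socket(fileno=fd))  # family/type detected from fd
    return socks


if __name__ == "__main__":
    for s in adopt(os.environ, os.getpid()):
        # With --private-network this is the address the host bound,
        # in the host's namespace, as the message above explains.
        print(s.family.name, s.type.name, s.getsockname())
```
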