[systemd-devel] Asking for advice - two network interfaces in a container

[Peter Lemenkov]

Hello All!

My system has two network planes - control plane (several 10.0.0.0/8
networks) and data plane (non-RFC1918 network, visible to end-users).
These two networks separated by two different bridges and some
iptables magic. All my business logic is handled using control plane
(using various network protocols).

So far all my containers connected to a control plane only - I have a
lot of them actually. They work fine, orchestrated properly (with high
availability, load balancing etc).

Also I've got three VMs (KVM if it matters) which provides a different
services to the end-users. Thus they has to be connected to a data
plane. So all of them have two separate NICs - one for end user
interaction, and another one for control plane. Although it's possible
to handle all the business logic via "data plane" I'd rather to avoid
that.

Could anyone give me an advice/hint on how to design something like
this properly? So far I don't see a standard method for systemd-nspawn
to assign more that one NIC to the container.


-- 
With best regards, Peter Lemenkov.