[systemd-devel] systemd-nspawn and process spawning using nsenter issue
Lennart Poettering
lennart at poettering.net
Tue Nov 3 03:06:59 PST 2015
On Mon, 02.11.15 20:35, Aliaksei Sheshka (sheshkaoss at gmail.com) wrote:
> >
> > Note that all units you join need to have PrivateNetwork=yes set if
> > they shall live in the same namespace. Did both your units have this set?
>
> I have my unit c7-test like that:
>
> ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot
> --link-journal=try-guest --network-macvlan=eth0 --settings=override
> --machine=c7-test
>
> --network-macvlan assumes PrivateNetwork as I understand.
> If I add additional "PrivateNetwork=yes" to that nspawn unit, it
> won't work, since, obviously, eth0 is no longer available.
Well, not only that, but nspawn opens a new network namespace for the
container as soon as you use any of the --network-xyz or
--private-network switches, but nspawn itself will stay outside...
> In short, my goal is to have a macvlan-enabled systemd-nspawn container
> running. Once it's up, I would like to run a daemon within that
> container's IP namespace using a binary located on the host system.
> Current 'nsenter' solution looks not that elegant. Perhaps there is a
> better way to achieve that.
I don't see how, sorry...
Lennart
--
Lennart Poettering, Red Hat
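
Added example, not part of the original message or of systemd: a shell sketch of the arrangement discussed above. It compares the network namespace of two processes (for instance the nspawn supervisor, which stays outside, and the container leader) and runs a host binary in the container's network namespace through nsenter. The function names and the PROC_ROOT variable are assumptions made for illustration; reading another process's namespace link and entering it require root.

```shell
#!/bin/sh
# Added example, not from the thread. PROC_ROOT is an assumption so the check
# can be pointed at a constructed tree; it defaults to the real /proc.

# netns_id PID: print the network namespace identity of PID,
# in the kernel's "net:[inode]" form.
netns_id() {
    readlink "${PROC_ROOT:-/proc}/$1/ns/net"
}

# same_netns PID_A PID_B: succeed only if both processes share one network
# namespace. Returns 2 if either namespace link cannot be read.
same_netns() {
    a=$(netns_id "$1") || return 2
    b=$(netns_id "$2") || return 2
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# leader_pid MACHINE: PID of the container's init as registered with machined.
leader_pid() {
    machinectl show --property=Leader "$1" | sed -n 's/^Leader=//p'
}

# run_in_machine_netns MACHINE CMD...: run a host binary inside the
# container's network namespace only. The mount namespace stays the host's,
# so CMD resolves against the host filesystem.
run_in_machine_netns() {
    machine=$1
    shift
    pid=$(leader_pid "$machine")
    [ -n "$pid" ] || { echo "no leader PID for $machine" >&2; return 1; }
    nsenter --target "$pid" --net -- "$@"
}
```

Comparing the systemd-nspawn process with the container leader using same_netns shows the split described in the reply: the two report different namespaces once a --network-xyz or --private-network switch is in use.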