Woops, I meant to send this message to the list ---------- Forwarded message --------- From: Kristofer Buffington Date: Wed, Mar 20, 2019 at 8:51 PM Subject: Re: Status update on 1.0 To: Gábor Boskovits I'm deep into this netlink/rtnetlink business currently. I'm trying to decide if it's better to use guile-ffi or if it's just easier to use bash scripts and iproute2. Then virtual network interfaces could map to specific containerized services, which is my objective. Long-term, the netlink and rtnetlink fii is the superior approach. But bash scripts could get us something hacky, but running quickly. My other curiosity is: would it make more sense for shepherd to generate virtual network namespaces when services spawn, or is that something the operating-system declaration should contain? I'd love to help. I'm on the verge of putting some code down now that the research is coalescing into a vision. If there's some guidance or suggestions or otherwise, please try to get me involved! Kristofer Buffington On Fri, Mar 15, 2019 at 3:35 PM Gábor Boskovits wrote: > Hello, > > Thompson, David ezt írta (időpont: 2019. > márc. 15., P, 19:32): > > > > > Quick tangent: My memory is a bit fuzzy, but I think that netlink API > > wrappers would put us one step closer to being able to implement > > useful network isolation in our container implementation (right now > > you only have loopback, not so fun), like what Docker can do. Just > > something to consider. :) > > > > - Dave > > > > Yes, that is correct. This is exactly one of the reasons I considered this. > > Best regards, > g_bor > >