From: Christopher Baines <mail@cbaines.net>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 28128@debbugs.gnu.org
Subject: [bug#28128] [PATCH] scripts: system: Add support for container network sharing.
Date: Wed, 20 Sep 2017 08:04:18 +0100
Message-ID: <20170920080418.3cc0a203@cbaines.net>
In-Reply-To: <87y3patlk9.fsf@inria.fr>
On Tue, 19 Sep 2017 23:39:34 +0200
ludo@gnu.org (Ludovic Courtès) wrote:
> Hi!
>
> Sorry for the delay!
>
> Christopher Baines <mail@cbaines.net> skribis:
>
> > This is a port of the functionality in the Guix environment command
> > to the guix system container command.
> >
> > This requires additional changes to the operating-system
> > definitions used, in particular, networking related services may
> > need removing if the host network is shared.
> >
> > * guix/scripts/system.scm (system-derivation-for-action): Add
> > #:container-shared-network? argument.
> > (perform-action): Add #:container-shared-network? argument.
> > (show-help): Add "-N, --network" help information.
> > (%options): Add network option.
> > (process-action): Call perform-action with
> > #:container-shared-network?.
> > * gnu/system/linux-container.scm (%network-configuration-files):
> > New variable. (container-script): Add support for returning a
> > container script that shares the host network.
> > * gnu/system.scm (essential-services): Add
> > #:container-shared-network? argument.
> > (operating-system-services): Add #:container-shared-network?
> > argument. (operating-system-etc-service): Add
> > #:container-shared-network? argument, and support for omitting some
> > configuration if the network is shared.
> > (operating-system-activation-script): Add
> > #:container-shared-network? argument, and pass this through to the
> > operating-system-services procedure.
> > (operating-system-boot-script): Add #:container-shared-network?
> > argument, and pass this through to the operating-system-services
> > procedure. (operating-system-derivation): Add the
> > #:container-shared-network? argument, and pass this through to the
> > operating-system-services procedure. (operating-system-profile):
> > Add the #:container-shared-network? argument, and pass this through
> > to the operating-system-services procedure.
>
> My gut reaction was “hey this is cool!”, and then “wait, it doesn’t
> feel right to pass that argument around everywhere!”. :-)
Yep, agreed :)
> We already have that with #:container?, and I think that’s a bit of a
> problem. The ‘linux-bare-metal’ service addresses it somewhat in a
> more elegant way, I think.
>
> What about this:
>
> 1. Remove from ‘operating-system-etc-service’ all the
> shared-network-related files;
>
> 2. Add a ‘shared-network-service’ that simply adds those files
> to /etc;
>
> 3. Add a ‘containerized-operating-system’ that removes it.
>
> There’s the problem, though, that /etc/hosts can only be added from
> ‘essential-services’.
>
> Now, this:
>
> +(define %network-configuration-files
> + '("/etc/resolv.conf"
> + "/etc/nsswitch.conf"
> + "/etc/services"
> + "/etc/hosts"))
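Review bot: The definition of %network-configuration-files has no comment or docstring saying what the four paths are for, or what should happen when one of them (for instance "/etc/resolv.conf") does not exist on the host. Add a short comment at the define stating that these are host files made visible inside the container when the network is shared, and whether they are exposed read-only, since "/etc/hosts" and "/etc/nsswitch.conf" shape name resolution for everything running in the guest. Because the list is a set of literal paths, a second copy elsewhere in the tree would drift silently, so the comment should also name the single place the list is meant to live.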
>
> … is exactly what (gnu system file-systems) defines.
>
> Also, we should map the host’s /var/run/nscd/socket (if it exists) in
> the guest, and remove nscd from the guest.
>
> Thoughts?
This sounds really good, I'll try and make some time to implement it :)