From: ludo@gnu.org (Ludovic Courtès)
To: Christopher Baines <mail@cbaines.net>
Cc: 28128@debbugs.gnu.org
Subject: [bug#28128] [PATCH] scripts: system: Add support for container network sharing.
Date: Tue, 19 Sep 2017 23:39:34 +0200
Message-ID: <87y3patlk9.fsf@inria.fr>
In-Reply-To: <20170817191334.26269-1-mail@cbaines.net>

Hi!

Sorry for the delay!

Christopher Baines <mail@cbaines.net> skribis:

> This is a port of the functionality in the Guix environment command to the
> guix system container command.
>
> This requires additional changes to the operating-system definitions used, in
> particular, networking related services may need removing if the host network
> is shared.
>
> * guix/scripts/system.scm (system-derivation-for-action): Add
>   #:container-shared-network? argument.
>   (perform-action): Add #:container-shared-network? argument.
>   (show-help): Add "-N, --network" help information.
>   (%options): Add network option.
>   (process-action): Call perform-action with #:container-shared-network?.
> * gnu/system/linux-container.scm (%network-configuration-files): New variable.
>   (container-script): Add support for returning a container script that shares
>   the host network.
> * gnu/system.scm (essential-services): Add #:container-shared-network?
>   argument.
>   (operating-system-services): Add #:container-shared-network? argument.
>   (operating-system-etc-service): Add #:container-shared-network? argument,
>   and support for omitting some configuration if the network is shared.
>   (operating-system-activation-script): Add #:container-shared-network?
>   argument, and pass this through to the operating-system-services procedure.
>   (operating-system-boot-script): Add #:container-shared-network? argument,
>   and pass this through to the operating-system-services procedure.
>   (operating-system-derivation): Add the #:container-shared-network? argument,
>   and pass this through to the operating-system-services procedure.
>   (operating-system-profile): Add the #:container-shared-network? argument,
>   and pass this through to the operating-system-services procedure.

My gut reaction was “hey this is cool!”, and then “wait, it doesn’t feel
right to pass that argument around everywhere!”.   :-)

We already have that with #:container?, and I think that’s a bit of a
problem.  The ‘linux-bare-metal’ service addresses it somewhat in a more
elegant way, I think.

What about this:

  1. Remove from ‘operating-system-etc-service’ all the
     shared-network-related files;

  2. Add a ‘shared-network-service’ that simply adds those files to /etc;

  3. Add a ‘containerized-operating-system’ that removes it.

There’s the problem, though, that /etc/hosts can only be added from
‘essential-services’.

Now, this:

+(define %network-configuration-files
+  '("/etc/resolv.conf"
+    "/etc/nsswitch.conf"
+    "/etc/services"
+    "/etc/hosts"))
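
Review bot: the `%network-configuration-files` define has no comment saying what the list is for or how it is consumed. Going by the commit message, these are host files made visible inside the container when the network is shared; a short comment above the `define` stating that, and that the entries are host paths, would make it clear that each path added here widens what the guest can see of the host's /etc.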

… is exactly what (gnu system file-systems) defines.

Also, we should map the host’s /var/run/nscd/socket (if it exists) in
the guest, and remove nscd from the guest.

Thoughts?

Ludo’.
