From mboxrd@z Thu Jan 1 00:00:00 1970
From: Kristofer Buffington
Subject: Fwd: Status update on 1.0
Date: Wed, 20 Mar 2019 20:52:10 -0400
References: <871s3a4xd4.fsf@gnu.org> <87zhpw2ql4.fsf@gnu.org>
List-Id: "Development of GNU Guix and the GNU System distribution."
To: guix-devel@gnu.org

Woops, I meant to send this message to the list

---------- Forwarded message ---------
From: Kristofer Buffington
Date: Wed, Mar 20, 2019 at 8:51 PM
Subject: Re: Status update on 1.0
To: Gábor Boskovits

I'm deep into this netlink/rtnetlink business currently. I'm trying to decide if it's better to use guile-ffi or if it's just easier to use bash scripts and iproute2. Then virtual network interfaces could map to specific containerized services, which is my objective. Long-term, the netlink and rtnetlink FFI is the superior approach. But bash scripts could get us something hacky, but running quickly.

My other curiosity is: would it make more sense for shepherd to generate virtual network namespaces when services spawn, or is that something the operating-system declaration should contain?

I'd love to help. I'm on the verge of putting some code down now that the research is coalescing into a vision. If there's some guidance or suggestions or otherwise, please try to get me involved!

Kristofer Buffington

On Fri, Mar 15, 2019 at 3:35 PM Gábor Boskovits wrote:

> Hello,
>
> Thompson, David wrote (on Fri, Mar 15, 2019, 19:32):
> >
> > Quick tangent: My memory is a bit fuzzy, but I think that netlink API
> > wrappers would put us one step closer to being able to implement
> > useful network isolation in our container implementation (right now
> > you only have loopback, not so fun), like what Docker can do. Just
> > something to consider. :)
> >
> > - Dave
> >
>
> Yes, that is correct. This is exactly one of the reasons I considered this.
>
> Best regards,
> g_bor