[bug#28128] [PATCH] scripts: system: Add support for container network s
From: Ludovic Courtès
Subject: [bug#28128] [PATCH] scripts: system: Add support for container network sharing.
Date: Tue, 19 Sep 2017 23:39:34 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)
Hi!
Sorry for the delay!
Christopher Baines <address@hidden> skribis:
> This is a port of the functionality in the Guix environment command to the
> guix system container command.
>
> This requires additional changes to the operating-system definitions used, in
> particular, networking related services may need removing if the host network
> is shared.
>
> * guix/scripts/system.scm (system-derivation-for-action): Add
> #:container-shared-network? argument.
> (perform-action): Add #:container-shared-network? argument.
> (show-help): Add "-N, --network" help information.
> (%options): Add network option.
> (process-action): Call perform-action with #:container-shared-network?.
> * gnu/system/linux-container.scm (%network-configuration-files): New variable.
> (container-script): Add support for returning a container script that shares
> the host network.
> * gnu/system.scm (essential-services): Add #:container-shared-network?
> argument.
> (operating-system-services): Add #:container-shared-network? argument.
> (operating-system-etc-service): Add #:container-shared-network? argument,
> and support for omitting some configuration if the network is shared.
> (operating-system-activation-script): Add #:container-shared-network?
> argument, and pass this through to the operating-system-services procedure.
> (operating-system-boot-script): Add #:container-shared-network? argument,
> and pass this through to the operating-system-services procedure.
> (operating-system-derivation): Add the #:container-shared-network? argument,
> and pass this through to the operating-system-services procedure.
> (operating-system-profile): Add the #:container-shared-network? argument,
> and pass this through to the operating-system-services procedure.
My gut reaction was “hey this is cool!”, and then “wait, it doesn’t feel
right to pass that argument around everywhere!”. :-)
We already have that with #:container?, and I think that’s a bit of a
problem. The ‘linux-bare-metal’ service addresses it somewhat in a more
elegant way, I think.
What about this:
1. Remove from ‘operating-system-etc-service’ all the
shared-network-related files;
2. Add a ‘shared-network-service’ that simply adds those files to /etc;
3. Add a ‘containerized-operating-system’ that removes it.
There’s the problem, though, that /etc/hosts can only be added from
‘essential-services’.
Now, this:
+(define %network-configuration-files
+ '("/etc/resolv.conf"
+ "/etc/nsswitch.conf"
+ "/etc/services"
+ "/etc/hosts"))
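Review bot: the definition of %network-configuration-files carries no comment or docstring saying that these four host paths become visible inside the container, or whether they are meant to be mapped read-only. Since /etc/hosts and /etc/resolv.conf come straight from the host, say so next to the list, and have the code that consumes it skip entries that are missing on the host (a host without /etc/resolv.conf, for instance) rather than assuming all four exist.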
… is exactly what (gnu system file-systems) defines.
Also, we should map the host’s /var/run/nscd/socket (if it exists) in
the guest, and remove nscd from the guest.
Thoughts?
Ludo’.