Fwd: Status update on 1.0

[Kristofer Buffington]

Woops, I meant to send this message to the list

---------- Forwarded message ---------
From: Kristofer Buffington <address@hidden>
Date: Wed, Mar 20, 2019 at 8:51 PM
Subject: Re: Status update on 1.0
To: Gábor Boskovits <address@hidden>

I'm deep into this netlink/rtnetlink business currently. I'm trying to decide if it's better to use guile-ffi or if it's just easier to use bash scripts and iproute2. Then virtual network interfaces could map to specific containerized services, which is my objective. Long-term, the netlink and rtnetlink fii is the superior approach. But bash scripts could get us something hacky, but running quickly.

My other curiosity is: would it make more sense for shepherd to generate virtual network namespaces when services spawn, or is that something the operating-system declaration should contain?

I'd love to help. I'm on the verge of putting some code down now that the research is coalescing into a vision. If there's some guidance or suggestions or otherwise, please try to get me involved!

Kristofer Buffington

On Fri, Mar 15, 2019 at 3:35 PM Gábor Boskovits <address@hidden> wrote:

Hello,

Thompson, David <address@hidden> ezt írta (időpont: 2019.
márc. 15., P, 19:32):
>

> Quick tangent: My memory is a bit fuzzy, but I think that netlink API
> wrappers would put us one step closer to being able to implement
> useful network isolation in our container implementation (right now
> you only have loopback, not so fun), like what Docker can do. Just
> something to consider. :)
>
> - Dave
>

Yes, that is correct. This is exactly one of the reasons I considered this.

Best regards,
g_bor