Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support joining any network namespace #7455

Closed
mrunalp opened this issue Aug 7, 2014 · 11 comments
Closed

Support joining any network namespace #7455

mrunalp opened this issue Aug 7, 2014 · 11 comments
Labels
area/networking kind/feature Functionality or other elements that the project doesn't currently have. Features are new and shiny

Comments

@mrunalp
Copy link
Contributor

mrunalp commented Aug 7, 2014

If docker supports joining any network namespace, then network topology could be left to higher level orchestration. This allows for flexibility in docker deployments. The user could setup the network by creating a new network namespace via ip netns, customize as required and then just pass it to docker with something like --net=netns:/var/run/netns/mycustomnet1.

The advantage is that docker does not have to worry about supporting all the different types of bridges/switches/custom protocols that users might want to use.
@mrunalp
Copy link
Contributor Author

mrunalp commented Aug 7, 2014

ping @shykes @crosbymichael

@larsks
Copy link
Contributor

larsks commented Sep 10, 2014

+1

This seems like a very flexible option for handling network configuration. People are constantly trying to do things other than simple "give docker a bridge and total control over address range" model, and this would make that a lot easier.

@hugoduncan hugoduncan mentioned this issue Sep 22, 2014
Closed
@hugoduncan hugoduncan mentioned this issue Sep 24, 2014
Closed
@rhatdan
Copy link
Contributor

rhatdan commented Sep 25, 2014

I kind of like this idea. Might have to handle the /etc/resolv.conf issues also

@larsks
Copy link
Contributor

larsks commented Oct 5, 2014

I guess this is pretty much what kubernetes does already, using native docker support:

  • create a "no-op" container (e.g. using the kubernetes/pause image), possibly with --net=none,
  • configure networking in that container as desired,
  • boot additional containers in that network namespace using --net=container:xxx

So that basically gets you to the same place, at the expense of always requiring the network container.

@thockin
Copy link
Contributor

thockin commented Oct 5, 2014

The extra net container is a constant source of questions for kubernetes,
and it brings some complexity to the code. We would love to get rid of it,
or hide it, or something.

On Sat, Oct 4, 2014 at 8:16 PM, Lars Kellogg-Stedman <
notifications@github.com> wrote:

I guess this is pretty much what kubernetes does already, using native
docker support:

  • create a "no-op" container (e.g. using the kubernetes/pause image),
    possibly with --net=none,
  • configure networking in that container as desired,
  • boot additional containers in that network namespace using
    --net=container:xxx

So that basically gets you to the same place, at the expense of always
requiring the network container.

Reply to this email directly or view it on GitHub
#7455 (comment).

@mrunalp
Copy link
Contributor Author

mrunalp commented Oct 5, 2014

@larsks @thockin This could be one potential solution to avoid having the networking container in kubernetes.

@larsks
Copy link
Contributor

larsks commented Oct 7, 2014

Yes, totally; a docker native solution would be much preferable. My comment stemmed from the fact that I was explaining kubernetes container networking to somebody and suddenly a light went off in my head and I realized the connection to this issue.

@byxorna
Copy link

byxorna commented Oct 9, 2014

+1

@rhatdan
Copy link
Contributor

rhatdan commented Oct 9, 2014

It would be nice to get someone from Docker to actually comment on this...

@crosbymichael
Copy link
Contributor

There was a PR opened here #8216 where a is discussion going on.

larsks added a commit to larsks/docker that referenced this issue Nov 4, 2014
@larsks
teach docker about --net netns:
a5510ef 
This patch adds the new "netns" network mode, which allows Docker to
connect a container to an existing network namespace that has been
previously created using the `ip netns add` command.

Currently a WIP.

Closes moby#7455

Signed-off-by: Lars Kellogg-Stedman <lars@redhat.com>
@dave-tucker dave-tucker mentioned this issue Nov 4, 2014
Closed
hugoduncan added a commit to hugoduncan/docker that referenced this issue Nov 13, 2014
@hugoduncan
Add netns option to --net switch
4a6b539 
Allows attaching an existing network namespace to a container on create.
e.g. --net="netns:path-for-netns".

Closes moby#7455

Signed-off-by: Hugo Duncan <hugo@hugoduncan.org>
rhatdan added a commit to rhatdan/moby1 that referenced this issue Jan 26, 2015
@rhatdan
Add netns option to --net switch
46759a6 
Allows attaching an existing network namespace to a container on create.
e.g. --net="netns:path-for-netns".

Closes moby#7455

Signed-off-by: Hugo Duncan <hugo@hugoduncan.org>

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
rhatdan added a commit to rhatdan/moby1 that referenced this issue Feb 12, 2015
@rhatdan
Add netns option to --net switch
570e3bd 
Allows attaching an existing network namespace to a container on create.
e.g. --net="netns:path-for-netns".

Closes moby#7455

Signed-off-by: Hugo Duncan <hugo@hugoduncan.org>

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
rhatdan added a commit to rhatdan/moby1 that referenced this issue Feb 16, 2015
@rhatdan
Add netns option to --net switch
696b7d1 
Allows attaching an existing network namespace to a container on create.
e.g. --net="netns:path-for-netns".

Closes moby#7455

Signed-off-by: Hugo Duncan <hugo@hugoduncan.org>

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
@jessfraz jessfraz added /system/networking kind/feature Functionality or other elements that the project doesn't currently have. Features are new and shiny labels Feb 26, 2015
@bradrydzewski bradrydzewski mentioned this issue Feb 17, 2016
Closed
@cpuguy83
Copy link
Member

Closing as this is no longer relevant (and ultimately rejected in the aforementioned PR).
Docker provides a backend api for configuring network namespaces that can be hooked into via plugins in github.com/docker/libnetwork as of docker 1.9.

@mrunalp mrunalp mentioned this issue Dec 19, 2016
Closed
@shoenig shoenig mentioned this issue Oct 31, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/networking kind/feature Functionality or other elements that the project doesn't currently have. Features are new and shiny
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@mrunalp @larsks @byxorna @crosbymichael @cpuguy83 @jessfraz @rhatdan @thockin