guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Status update on 1.0


From: Gábor Boskovits
Subject: Re: Status update on 1.0
Date: Thu, 21 Mar 2019 15:59:00 +0100

Hello,

Kristofer Buffington <address@hidden> ezt írta
(időpont: 2019. márc. 21., Cs, 1:54):
>
> Woops, I meant to send this message to the list
>
> ---------- Forwarded message ---------
> From: Kristofer Buffington <address@hidden>
> Date: Wed, Mar 20, 2019 at 8:51 PM
> Subject: Re: Status update on 1.0
> To: Gábor Boskovits <address@hidden>
>
>
> I'm deep into this netlink/rtnetlink business currently. I'm trying to decide 
> if it's better to use guile-ffi or if it's just easier to use bash scripts 
> and iproute2. Then virtual network interfaces could map to specific 
> containerized services, which is my objective. Long-term, the netlink and 
> rtnetlink fii is the superior approach. But bash scripts could get us 
> something hacky, but running quickly.
>
> My other curiosity is: would it make more sense for shepherd to generate 
> virtual network namespaces when services spawn, or is that something the 
> operating-system declaration should contain?
>
> I'd love to help. I'm on the verge of putting some code down now that the 
> research is coalescing into a vision. If there's some guidance or suggestions 
> or otherwise, please try to get me involved!
>

Ok, I will push my preliminary work on wip-netlink soon. It it a guile
ffi style binding, but currently I got only to the definitions of
structures mainly. Help is much appreciated.

> Kristofer Buffington
>
> On Fri, Mar 15, 2019 at 3:35 PM Gábor Boskovits <address@hidden> wrote:
>>
>> Hello,
>>
>> Thompson, David <address@hidden> ezt írta (időpont: 2019.
>> márc. 15., P, 19:32):
>> >
>>
>> > Quick tangent: My memory is a bit fuzzy, but I think that netlink API
>> > wrappers would put us one step closer to being able to implement
>> > useful network isolation in our container implementation (right now
>> > you only have loopback, not so fun), like what Docker can do. Just
>> > something to consider. :)
>> >
>> > - Dave
>> >
>>
>> Yes, that is correct. This is exactly one of the reasons I considered this.
>>
>> Best regards,
>> g_bor
>>

Best regards,
g_bot



reply via email to

[Prev in Thread] Current Thread [Next in Thread]