Hello, I am trying to see how to implement with systemd-nspawn a version of docker's pod when a group of very lightweight containers use a loopback interface or unix sockets to communicate with each other and a shared network interface to communicate with the outside world. Otherwise the containers are isolated and do not share process and other namespaces.
My impression from the documentation is that I should create a version of systemd-nspawn@.service that uses JoinsNamespaceOf to join the namespace of the main service for the pod. That main service should configures container networking, expose ports to host etc. For that I plan to use systemd-nspawn --network-veth ... The problem I do not see how to pass the name of the main service created with systemd-nspawn to that template. Obviously I can create own unit for the main service that contains PrivateNetwork=true, but then I cannot use --network-veth with nspawn as that configures the namespace that nspawn creates, not the one from the unit. Any suggestions? _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
