On 12-03-2014 14:11, Paul Gideon Dann wrote:
On Wednesday 12 Mar 2014 14:06:30 Mauro Santos wrote:
No netctl here :)
I have systemd-networkd enabled on boot and 3 files in /etc/systemd/network
cat brkvm.netdev
[NetDev]
Name=brkvm
Kind=bridge

cat brkvm.network
[Match]
Name=brkvm

[Network]
Description=Bride for use with virtual machines and containers
Address=192.168.56.1/24

cat vb-veth.network
[Match]
Name=vb-*
This last one is sort of a hack to bring the network up as it shows up. I suppose systemd-nspawn should do it by itself; this might be a bug, unless there is a good reason not to bring the network up automatically.
Inside the container I do manual setup of the network address since I'm not actually booting it.
Mind you that you may have to do systemctl daemon-reload (not really sure if this one is needed) and restart systemd-networkd for any changes to take effect.
Can I ask you both why you chose this route of creating a private network? As far as I can tell, by default systemd-nspawn will allow the container to use the host's interface. I would have thought that would be adequate for most use cases?
Paul
Because I have both a virtual machine and container that need to talk to each other. Initially I had this setup specifically because of qemu: I wanted access to a few ports inside the virtual machine, and having to set up some kind of NAT would be a pain (and another variable in case things didn't work). After I saw that systemd-nspawn now has more network isolation features, I just used the setup I had. It's possible this is overkill for what I want, but it was the solution I came up with at the time.
--
Mauro Santos