Pasta equivalent to macvlan #22709
Replies: 1 comment
-
...that's expected: Podman doesn't want pasta accidentally "leaking" container ports to the host, so you have to forward ports explicitly. pasta, by itself, would otherwise give you Still, at the moment, you can't use that feature together with a specific address, that is, you can't say After that, we'll probably be able to support something like this: https://bugs.passt.top/show_bug.cgi?id=48. It might still look a bit more convoluted than macvlan, but at that point we should have equivalent functionality implemented in userspace.
You can bind specific ports to two different addresses. With stand-alone pasta (not a container, just as a network configuration example):
and another network namespace can have, at the same time,
if both 192.0.2.1 and 192.0.2.2 are assigned the host. Note that the wish from https://bugs.passt.top/show_bug.cgi?id=48 goes beyond that: with IPv6 and non-local binds enabled, containers could have their own address sharing a prefix with the host, and we wouldn't need to configure those specific addresses on the host at all, so that would be some kind of zero-configuration thing. |
Beta Was this translation helpful? Give feedback.
-
With Pasta now the default for rootless networking, I'm finally motivated to convert all of my containers to rootless.
I've been experimenting but have been left a little confused. Specifically what the purpose of the
-a
and-o
options are for.If I run the following command, my container is only reachable via the host IP address:
If I remove
-p 3000:3000/tcp
from the command, then the container is not reachable at all. With or without--map-gw
makes no difference.Now, I wasn't expecting full macvlan capability, but based on the switches I was at least hoping.
So, having read the shortcomings of rootless podman, is it possible (without involving NAT or a proxy) to serve up the same port from two separate rootless containers on the same host similar to macvlan? If yes, are there examples one can follow?
Thanks!
Beta Was this translation helpful? Give feedback.
All reactions