by gvalkov 1947 days ago
Quite a lot is possible with CNI [1]. For example, we use this setup to give real IPs to containers:

  # /etc/cni/net.d/testnet.conflist
  # note: the main host interface is part of bridge br0 (JSON itself allows no comments)
  {
    "cniVersion": "0.4.0",
    "name": "testnet",
    "plugins": [
      {
        "type": "bridge",
        "bridge": "br0",
        "ipam": {
          "type": "host-local",
          "subnet": "10.0.0.0/16",
          "gateway": "10.0.0.1",
          "routes": [{ "dst": "0.0.0.0/0"}]
        }
      }
    ]
  }

You can then start a container and operate on its network namespace for added flexibility:

  podman run -it --net testnet --ip 10.0.0.2 ...

  # $id is the ID or name of the container started above
  ns=$(basename "$(podman inspect "$id" | jq -r '.[0].NetworkSettings.SandboxKey')")
  ip netns exec "$ns" ip route add ...

[1]: https://github.com/containernetworking/cni
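
A pre-flight check for the setup in the comment above, added here as an illustration and not part of the original post: it parses the conflist as strict JSON and verifies that the address passed to `--ip` lies inside the `host-local` subnet without colliding with the gateway, network or broadcast address. The function name `check_static_ip` is hypothetical, the sample is the comment's config rewritten as valid JSON, and only the `subnet`/`gateway` form of `host-local` shown in the comment is handled.

```python
import ipaddress
import json

# Constructed sample: the conflist from the comment above as strict JSON
# (CNI configuration is JSON, so an inline '#' comment makes it unparseable).
SAMPLE_CONFLIST = """{
  "cniVersion": "0.4.0", "name": "testnet",
  "plugins": [{
    "type": "bridge", "bridge": "br0",
    "ipam": {"type": "host-local", "subnet": "10.0.0.0/16",
             "gateway": "10.0.0.1", "routes": [{"dst": "0.0.0.0/0"}]}
  }]
}"""

def check_static_ip(conflist_text, requested_ip):
    """Return a list of problems with using requested_ip on this network."""
    try:
        conf = json.loads(conflist_text)
    except json.JSONDecodeError as exc:
        return [f"conflist is not valid JSON: {exc.msg} (line {exc.lineno})"]
    ip = ipaddress.ip_address(requested_ip)
    problems, seen = [], False
    for plugin in conf.get("plugins", []):
        ipam = plugin.get("ipam", {})
        if ipam.get("type") != "host-local" or "subnet" not in ipam:
            continue  # only the subnet/gateway form from the comment is checked
        seen = True
        subnet = ipaddress.ip_network(ipam["subnet"], strict=False)
        gw = ipaddress.ip_address(ipam["gateway"]) if "gateway" in ipam else None
        if ip not in subnet:
            problems.append(f"{ip} is outside {subnet}")
        elif ip in (subnet.network_address, subnet.broadcast_address):
            problems.append(f"{ip} is the network or broadcast address of {subnet}")
        elif gw == ip:
            problems.append(f"{ip} is the gateway address")
        if gw is not None and gw not in subnet:
            problems.append(f"gateway {gw} is outside {subnet}")
    if not seen:
        problems.append("no host-local ipam section with a subnet found")
    return problems

if __name__ == "__main__":
    for candidate in ("10.0.0.2", "10.0.0.1", "192.168.1.5"):
        print(candidate, check_static_ip(SAMPLE_CONFLIST, candidate) or "ok")
```
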