dhcpcd-discuss

Home Other Lists Thread Index Date Index Search
Thread Prev Thread Next Date Prev Date Next Thread Index Date Index

Re: Evolution request for managing namespaces

Roy Marples

Tue Apr 07 11:37:16 2020
On 07/04/2020 08:17, Stéphane Veyret wrote:

I spent a lot of time trying to use dhcpcd in namespaces. Maybe I did
not do it correctly, but I feel there should be improvements in order
to ease such usages.

My use case is the following: I have a Docker container running. I
added a (macvlan) interface in this container, connected to the
physical host interface. Now I want to ask the DHCP server an address
for the container.

The problem is that the dhcpcd service is already started in the host,
in order to provide address to the host interfaces. So, when I try to
execute:

nsenter -t 1234 -n dhcpcd container-eth0

dhcpcd actually sends the request to the running master process, which
does not see the container-eth0 interface and so is not working. What
I had to do is stop the running service, then execute the namespace
request, and restart the service.

An evolution which seems simple to me and which would be very helpful
would be a cli option to force dhcpcd to create a new process and not
call the master, even if present (the contrary of --master).
So, if I understand the problem correctly the container 1234 sees the same root as the host? ie /var/run/dhcpcd on both point to the same location?
If the root is the same for both, what's your expectation with managing conflicts if say they receieve different DNS data for /etc/resolv.conf?
This might be as simple as not running the dhcpcd instance on the host in master mode - limit it to a single interface and do the same in your containers. 


There could be a more complex evolution to directly manage namespace
in dhcpcd, so that the single master daemon would also see interfaces
in provided namespaces. This could also be interesting as there may be
multiple interfaces with same name in multiple namespaces, which would
create conflict for the creation of the pid file.


Unlikely to happen, or at least not by me.


What do you think? Does this make sense or am I mistaken?


I don't know anything about docker or namespaces or cgroups.
But I'll try and help.

Roy
Follow-Ups:
Re: Evolution request for managing namespacesStéphane Veyret
References:
Evolution request for managing namespacesStéphane Veyret
Archive administrator: postmaster@marples.name