From nix-dev Tue Mar 14 20:43:02 2017 From: Arnold Krille Date: Tue, 14 Mar 2017 20:43:02 +0000 To: nix-dev Subject: Re: [Nix-dev] nixos-container networking Message-Id: <20170314214302.17227819 () xingu ! arnoldarts ! de> X-MARC-Message: https://marc.info/?l=nix-dev&m=148952420405299 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--===============3409068799230520182==" --===============3409068799230520182== Content-Type: multipart/signed; micalg=pgp-sha256; boundary="Sig_/+5LCF3FjTLszXE7pa8yy59l"; protocol="application/pgp-signature" --Sig_/+5LCF3FjTLszXE7pa8yy59l Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi, I think one of the best resources showing how networking and containers works, is the tests for containers and networking ;-) =46rom them I also based my setup which you can see a slightly old version of at https://github.com/kampfschlaefer/nixconfig. Also you already found the 13-char limit on container names, which is a result of the 16-char limit of network interface names in linux and the devices are vb- or ve- for the containers=E2=80=A6 I was planni= ng to add an assertion there but got sidetracked by life and a 3D printer. Have fun, Arnold On Mon, 13 Mar 2017 02:12:12 +0000 Tomasz Czy=C5=BC wrote: > Hey, >=20 > could anyone using nixos-container (declarative style) share how you > setup networking? >=20 > I'm trying to setup few containers with private network and http > proxy at the front. Each container potentially could run application > on port 80 and I would like to expose them through proxy. >=20 > I tried to set this up with >=20 > privateNetwork=3Dtrue; > hostAddress > localAddress >=20 > and I tried to also run nat on the host with (just to enable outbound > traffic) > internalInterfaces =3D ["ve-+"]; > externalInterfaces =3D "eth0"; >=20 > but no luck. > My next try will be creating bridge on the host and add containers to > that bridge. Is that how you do stuff or are better ways of doing > container networking? >=20 > Tom --Sig_/+5LCF3FjTLszXE7pa8yy59l Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAljIVdoACgkQtuvagsE+DE5xNQD/d+OXt4wZDf77U+dDncqn0Pam bT82mr34Cb2sBehlUDgBALx18QUXXol7sgXN9TZhGCCI3vvmm0Tc2WkBjwep/G1m =iUxk -----END PGP SIGNATURE----- --Sig_/+5LCF3FjTLszXE7pa8yy59l-- --===============3409068799230520182== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev --===============3409068799230520182==--