For --net=host do not create a new UTS namespace#12185
For --net=host do not create a new UTS namespace#12185ibuildthecloud wants to merge 1 commit intomoby:masterfrom
Conversation
For --net=host we should share the UTS namespace of the host. This requires not sending the hostname to libcontainer, so we blank it out. Signed-off-by: Darren Shepherd <darren@rancher.com>
|
I'm a bit of confused, how would this CL address the need to set hostname while running in --net="host" mode? |
|
To give a bit of background on why this is needed... In RancherOS we run everything in a container (go containers!). So network configuration happens in the a container using |
|
@sunyc, oops. I totally read your issue wrong. Sorry, it doesn't address it. I'll delete that comment. |
|
I'm not the expert here, but I think your patch makes total sense: +1. |
There was a problem hiding this comment.
There is validation in libcontainer about missing NEWUTS and non-empty hostname. So I think it is better to remove emptying Hostname. Also docker itself forbids --net=host with --hostname.
There was a problem hiding this comment.
@LK4D4 I don't follow. I had to set Hostname="" because libcontainer itself would blow up saying I can't specify a hostname if UTS isn't private. So I set Hostname to ""
|
I wonder if we should have some check in libcontainer too. |
|
Yes, I think it makes to have a check in lib container. Sent from my iPhone
|
|
@ibuildthecloud I would rather go ahead and expand to a new |
|
@crosbymichael Is non-host UTS makes sense for host NET? |
|
@crosbymichael I'm fine with the uts flag. I'll implement that if you think its a better approach. I guess at least that way we won't break something by changing the behavior of --net=host. |
|
@LK4D4 I think it makes sense, hostname does not necessarily have anything related to networking, that is why they are in two different namespaces. I know it's kinda weird but we talked about this in the past because I asked the same question to others if we should drop UTS when we drop NET |
|
@crosbymichael Cool, thanks! |
|
Can we simply reuse the --hostname=XXX flag? smt like --hostname=host would make t use host's hostname , This also have the potential to make it possible to change hostname with --net="host" --hostname=XXXX , |
|
If prefer to not have magic value of hostname. If we add the uts flag, I think it would make sense to change Docker to support hostname with net host. |
|
erk, I don't your use case for change the actual hostname but I don't that is the expected output for most other people |
|
@crosbymichael I think @sunyc wants to be able to run with net=host but still have a different hostname for the container. |
|
I though we decided for separate flag for UTS. As @crosbymichael said UTS namespace actually not directly related for networking. |
I think this seems to be the consensus here? On Wed, Apr 15, 2015 at 12:06 AM, Alexander Morozov <
|
|
If I understand correctly, a new PR will follow: I'm closing this one! |
Currently Docker create a UTS namespace when
--net=hostis used. I honestly don't know why and this change scares me a bit because of that. But... this change is quite simple in that we don't set the hostname or create UTS namespace if the network mode is host.