[lxc-devel] [RFC 0/8] Unprivileged container creation and use
Serge Hallyn
serge.hallyn at ubuntu.com
Tue Jul 23 13:28:25 UTC 2013
Quoting Jäkel, Guido (G.Jaekel at dnb.de):
>
> >The downside of this approach though is that we'd have to ban the
> >lxc.network option allowing you to change the host interface name or use
> >that as a suffix for lxc-<uid>-<whatever the user set in their config>.
>
> Please don't drop this option completely. In my framework I'm using it to set the external veth name to the name of the container - a very obvious scheme.
>
> Also be aware that the old-fashioned ifconfig command will accept longer names, but on the display action it cuts the names to a limited length.
Actually in the kernel IFNAMSIZ is set to 16. We could play games if
it's worth it to us. Or for that matter, we could simply record the
link name in the /run/lxc/nics file that tracks usage (instead of a
count), and then on each container start we can weed out any nics which
no longer exist. That actually solves the problem I had.
It doesn't feel very elegant though :) But workable trumps elegant in
a pinch.
-serge
More information about the lxc-devel
mailing list