[lxc-users] Unix Sockets communications between containers

CDR venefax at gmail.com
Tue Nov 11 20:03:34 UTC 2014


This is fascinating. I will try and report if it does work.
Now, suppose the container is a mount that at the same time it is exported
an NFS share. Will the computers that are remotely mounting that share, be
able to use the socket for querying mysql? That opens a realm of
possibilities for my current business. Believe or not my client sells
access to mysql databases, in real time.


On Tue, Nov 11, 2014 at 2:52 PM, Serge Hallyn <serge.hallyn at ubuntu.com>
wrote:

> Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > On Tue, 2014-11-11 at 20:20 +0100, Hans Feldt wrote:
> > > With a dir potentially you get a bunch of other sockets available in
> the container, how can such
> > > security issue be handled?
> >
> > Use tailored application specific directories for the sockets?  That's
> > no different than using application specific subdirectories for temp
> > files.  Even if it's just one socket in one directory, creating that
> > additional directory provides the isolation from other sockets you
> > desire while supporting socket recreation as Serge points out.
>
> Right, I was thinking like how cgmanager does it.
>
> -serge
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20141111/a2cb65e9/attachment.html>


More information about the lxc-users mailing list