[lxc-users] Unix Sockets communications between containers

Stéphane Graber stgraber at ubuntu.com
Tue Nov 11 20:09:22 UTC 2014


No, this will not work over NFS.

On Tue, Nov 11, 2014 at 03:03:34PM -0500, CDR wrote:
> This is fascinating. I will try and report if it does work.
> Now, suppose the container is a mount that at the same time it is exported
> an NFS share. Will the computers that are remotely mounting that share, be
> able to use the socket for querying mysql? That opens a realm of
> possibilities for my current business. Believe or not my client sells
> access to mysql databases, in real time.
> 
> 
> On Tue, Nov 11, 2014 at 2:52 PM, Serge Hallyn <serge.hallyn at ubuntu.com>
> wrote:
> 
> > Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > > On Tue, 2014-11-11 at 20:20 +0100, Hans Feldt wrote:
> > > > With a dir potentially you get a bunch of other sockets available in
> > the container, how can such
> > > > security issue be handled?
> > >
> > > Use tailored application specific directories for the sockets?  That's
> > > no different than using application specific subdirectories for temp
> > > files.  Even if it's just one socket in one directory, creating that
> > > additional directory provides the isolation from other sockets you
> > > desire while supporting socket recreation as Serge points out.
> >
> > Right, I was thinking like how cgmanager does it.
> >
> > -serge
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> >

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users


-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20141111/8cec6284/attachment-0001.sig>


More information about the lxc-users mailing list