[lxc-users] tap interface in unprivileged container?
Dirk Geschke
dirk at lug-erding.de
Mon Jul 20 18:49:31 UTC 2015
Hi LXC-Users,
is there an easy way to create/move a tap interface to an unprivileged
container?
My idea is to create an unprivileged container in order to create
virtual networks within the container. That would separate it from
other containers and other virtual networks.
So in the container one could start several kvm instances and connect
them via e.g. vde_switch. But one needs one entry point to this virtual
network, this can be done with a tap interface as a link between an
instance of vde_switch and the container.
But in the moment I have no clue how to do this...
Has anyone an idea? Do I have to start the unprivileged container
as user root with enough UID/GID mappings in order to achieve this?
Or do I need a tool similar to lxc-user-nic to create a tap device
on the host and move it to the container?
Or did anyone already realized something similar, e.g. for openvpn?
Best regards
Dirk
--
+----------------------------------------------------------------------+
| Dr. Dirk Geschke / Plankensteinweg 61 / 85435 Erding |
| Telefon: 08122-559448 / Mobil: 0176-96906350 / Fax: 08122-9818106 |
| dirk at geschke-online.de / dirk at lug-erding.de / kontakt at lug-erding.de |
+----------------------------------------------------------------------+
More information about the lxc-users
mailing list