Skip to content
This repository has been archived by the owner on Mar 28, 2018. It is now read-only.

Networking: "docker run --net=host ..." does not work. #81

Closed
jodh-intel opened this issue Aug 5, 2016 · 4 comments
Closed

Networking: "docker run --net=host ..." does not work. #81

jodh-intel opened this issue Aug 5, 2016 · 4 comments
Assignees
@mcastelino
Labels
domain:networking

Comments

@jodh-intel
Copy link
Contributor

jodh-intel commented Aug 5, 2016
edited by grahamwhaley
Loading

Known limitation of code used to fix #38.
@jodh-intel jodh-intel mentioned this issue Aug 5, 2016
Closed
@mcastelino
Copy link
Contributor

--net=host will require mapping of the full host networking stack into the VM. This is currently not possible given the nature of VMs. Currently looking at the use cases of --net=host in container orchestrators and the plan it to support the use case vs supporting --net=host at this point in time.

@mcastelino mcastelino changed the title "docker run --net=host ..." does not work. Networking: "docker run --net=host ..." does not work. Aug 8, 2016
@dlespiau
Copy link
Contributor

dlespiau commented Sep 9, 2016

Reusing the host network stack doesn't really map to the VM model. Closing for now with the limitation documented in the wiki. Might want to revisit this if we find something using it and can partially implement it.

@dlespiau dlespiau closed this as completed Sep 9, 2016
@grahamwhaley
Copy link

@dlespiau @mcastelino @jodh-intel Question on this (before I maybe re-open this or create a new issue).
It seems that if I do use --net=host (it was a recommendation to get the ceph/demo hub image up...), then it seems to 'take out' my host network. Looking at the code, I suspect this is no surprise - I think we will scan to find the ipv4 network we are on, and reprogram it to point at the VM bridge - but, in the case of a --net=host, we actually reprogram the host network - and kaboom?

I tried this on native hardware (connected over SSH), and SSH'd into a VM (ciao-down) - both times the effect is 'machine has hung', whereas I suspect reality is that 'machine has been taken off network'.

Do we think we can at least add some code to realise when we are on the host network and fail more graciously? I had a quick peek at the code - my only thought on how is maybe we can detect that we are not in a network namespace (I don't even know if that is true for --net=host?), and fail. Thoughts?

@dlespiau
Copy link
Contributor

A new issue to try and detect that case sounds good to me (on both 2.x and 3.0 maybe). What exactly we can do then is interesting as well, ranging from failing to create the container to trying to bridging the VM to ethernet interfaces on the host.

Something along the lines of detecting if we are in a networking ns sounds like the only thing we can really do indeed.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@mcastelino mcastelino

Labels
domain:networking
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dlespiau @grahamwhaley @mcastelino @jodh-intel