Re: [atomic-devel] podman user defined network support

[Farkas Levente <lfarkas lfarkas org>]

In the light of the above solution...

is anybody use containers with podman in any real environment?

let's just assume a database and a service (where we can't put them into the same pod)?

eg. we've a db cluster and a few service which use that cluster.

thanks in advance.

On Fri, May 17, 2019 at 2:26 AM Muayyad AlSadi <alsadi gmail com> wrote:

rootless podman containers can create network using slirp4netns

but there is no container to container communication

the workaround I used in podman-compose is that I share a network between containers

and all containers talk via pod shared localhost (not to be confused with host localhost)

I was able to run this complex stack having:

a django web interface

Postgres database

rabbitmq

memcached

tasks

all linked to gather and non-exported to host except the django web interface

https://github.com/muayyad-alsadi/podman-compose/blob/master/examples/awx/docker-compose.yml

the trick is like this

podman pod create -p 8080:80 --name=mypod --share net

podman run --name=db --pod=mypod  ...

podman run --name=web --pod=mypod --add-host db:127.0.0.1 ...

On Thu, May 16, 2019 at 5:31 PM Farkas Levente <lfarkas lfarkas org> wrote:

On 5/8/19 9:19 PM, Brent Baude wrote:
> On Wed, 2019-05-08 at 09:53 +0200, Farkas Levente wrote:
>> hi,
>> it seems that podman do not support network command. ie. it's not
>> possible to create user defined network.
>>
>> is it possible to create a user defined network somehow?
>>
>> is it possible to define a user defined network is rootless mode?
>>
>> since podman do not support --link how can communicate two container
>> in
>> a podman environment?
>>
>> without this feature is there any other way than --net=host? since
>> currently i can't find any other ways. eg. a db and a service
>> container.
>>
>> thanks in advance.
>>
>
> In order to specific a specific network, you must create that network
> with CNI.  These network descriptions are defined in /etc/cni/net.d and
> podman ships a default one.  A while back, I created a secondary cni
> network for doing some podman testing. I called the network podman2 and
> the conf file appears as:
>
> {
>     "cniVersion": "0.3.0",
>     "name": "podman2",
>     "plugins": [
>       {
>         "type": "bridge",
>         "bridge": "cni1",
>         "isGateway": true,
>         "ipMasq": true,
>         "ipam": {
>             "type": "host-local",
>             "subnet": "10.99.0.0/16",
>             "routes": [
>                 { "dst": "0.0.0.0/0" }
>             ]
>         }
>       },
>       {
>         "type": "portmap",
>         "capabilities": {
>           "portMappings": true
>         }
>       }
>     ]
> }
>
> The CNI project is outside podman and can be found ->
> https://github.com/containers/libpod/blob/master/test/e2e/common_test.go#L267
> you might also want to checkout out their plugins subproject.

ok. but this means currently there is no alternative for docker network.
what's more currently with podman you must use --net=host.
since there is no user defined network (at least with easy command
line), what's more there is no --link option for podman. so neither of
the docker container communication works with podman. is it true?



--
  Levente                               "Si vis pacem para bellum!"

--

  Levente                               "Si vis pacem para bellum!"