You are not logged in.
- Topics: Active | Unanswered
#1 2015-05-30 13:46:35
- Name Taken
- Banned
- Registered: 2014-04-09
- Posts: 113
Systemd-nspawn Network
This post talks about systemd-networkd NAT for systemd-nspawn but doesn't explain on how to set it up. I current have virbr0 created by Libvirtd which I can get a NAT address inside the container with LXC and systemd-nspawn --network-bridge=virbr0 --port 80:80 -jbM ubuntu-nginx but port 80 is not forwarded on the host unlike if I ran docker run -d -p 80:80 nginx. How can I create a virbr0 like NAT interface using systemd-networkd instead of Libvirtd and get systemd-nspawn port forwarding to work?
Offline
#2 2015-05-30 13:59:21
- Spider.007
- Member
- Registered: 2004-06-20
- Posts: 1,175
Re: Systemd-nspawn Network
https://wiki.archlinux.org/index.php/Sy … containers + `man systemd-nspawn`
-p, --port=
If private networking is enabled, maps an IP port on the host onto
an IP port on the container. Takes a protocol specifier (either
"tcp" or "udp"), separated by a colon from a host port number in
the range 1 to 65535, separated by a colon from a container port
number in the range from 1 to 65535. The protocol specifier and its
separating colon may be omitted, in which case "tcp" is assumed.
The container port number and its colon may be ommitted, in which
case the same port as the host port is implied. This option is only
supported if private networking is used, such as --network-veth or
--network-bridge=.
which implies you're doing it correctly; did you try running tcpdump to see where your packets are rejected?
Last edited by Spider.007 (2015-05-30 14:00:43)
Offline
#3 2015-05-30 14:00:43
- Name Taken
- Banned
- Registered: 2014-04-09
- Posts: 113
Re: Systemd-nspawn Network
https://wiki.archlinux.org/index.php/Sy … containers + `man systemd-nspawn`
-p, --port=
If private networking is enabled, maps an IP port on the host onto
an IP port on the container. Takes a protocol specifier (either
"tcp" or "udp"), separated by a colon from a host port number in
the range 1 to 65535, separated by a colon from a container port
number in the range from 1 to 65535. The protocol specifier and its
separating colon may be omitted, in which case "tcp" is assumed.
The container port number and its colon may be ommitted, in which
case the same port as the host port is implied. This option is only
supported if private networking is used, such as --network-veth or
--network-bridge=.
which seems to say valid options are tcp:80:80, 80:80 and 80. I am under the impression --port automatically setups up the necessary routing like Docker but that doesn't seem to be the case. If private networking is enabled with
systemd-nspawn --private-network --port 80:80 -jbM ubuntu-nginxthen only localhost would be available inside but the port should still be forwarded to the host?
Last edited by Name Taken (2015-05-30 14:19:48)
Offline
#4 2015-06-12 00:57:55
- jernst
- Member
- From: Silicon Valley
- Registered: 2014-03-04
- Posts: 303
- Website
Re: Systemd-nspawn Network
Did you get this to work?
Offline
#5 2015-09-10 20:47:29
- jernst
- Member
- From: Silicon Valley
- Registered: 2014-03-04
- Posts: 303
- Website
Re: Systemd-nspawn Network
This works for me now.
Offline