yellow team mailing list archive

[Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx>]

Quoting Francesco Banconi (francesco.banconi@xxxxxxxxxxxxx):
> On 04/13/2012 12:37 AM, Serge Hallyn wrote:
> 
> > The simple solution would be to use lxc-attach to call ifconfig in the
> > container.  lxc-attach does not work yet because some namespaces do not
> > support it.  However, /proc/self/ns/net exists.  It can be used to
> > switch to the container's network namespace, and then use
> > ioctl(SIOCGIFADDR) on the result of socket(PF_INET, SOCK_DGRAM, IPPROTO_IP).
> 
> Hi Serge,
> 
> thank you for your reply, your suggested solution (using setns to switch
> the namespace) is really interesting. How do you want to proceed? We can
> use the program you wrote or maybe we can follow the same path using,
> e.g., Python/ctypes or Go? Should we instead consider waiting for
> lxc-attach to be ready?

Waiting for lxc-attach is of course easiest, so it depends on the priority
and urgency of this for you versus time available.  The full lxc-attach
actually isn't always going to be ideal, because you may not want all
namespaces switched - for instance you may not want to be subject to
the container's mount namespaces, which you may not trust.

A python/go version of the program would be awesome  :)

I certainly wouldn't use *my* program as is :)  At least either loop
over the interfaces shown by ioctl, or have the user specify an ifname.

thanks,
-serge