Adding the macvlan functionality to Podman’s new network stack

Related tags

Network programming network dhcp-client podman
Overview

Netavark DHCP Proxy Server

See https://github.com/containers/netavark-dhcp-proxy for the newest changes

Short Summary

Adding the macvlan functionality to Podman’s new network stack

Objective

The old network stack that used container-networking-plugins (CNI) had the ability to configure a macvlan network. The primary purpose of the macvlan set up was to provide the container with a routable IP address so Network Address Translation (NAT) and port mapping was not needed. This functionality has not been added to the new network stack (netavark) yet.

One of the challenges of the macvlan set up is that containers do not typically have a full set of network tools installed in them. And most certainly, very few have things like dhclient. And even if they did, they will usually lack an init system that could deal with re-leasing IP addresses. The solution for CNI was to create a separate binary that acted as a “dhcp-proxy” for macvlan containers. The dhcp-proxy was generally run by systemd and it performed the DHCP operations needed by the container. This lease information that was then provided by the DHCP server was then statically assigned to the container by Podman.

For the new implementation, we will largely follow the same architecture but will attempt to provide improvements as needed.

Use case

I have a web-based service that runs from a container. While I know I can expose the service from the container host using port-mapping, I do not want users to have to specify any port related information when communicating with the web service. I want the container to appear as if it were any other host on the network to its users.

topo

Build

$ make
$ make build-release

Testing


You can run make test to run both unit and integration tests.  There are also make targets
for `unit` and `integration` that can be run separately.

$ make test
You might also like...
A Curve-like AMM for Secret Network

A Curve-like AMM for Secret Network. Supports a varibale number of tokens with the same underlying value.

Enigma 16 Dec 11, 2022
A multi-protocol network relay

A multi-protocol network relay

zephyr 43 Dec 13, 2022
A Rust library for parsing the SOME/IP network protocol (without payload interpretation).

someip_parse A Rust library for parsing the SOME/IP network protocol (without payload interpretation). Usage Add the following to your Cargo.toml: [de

Julian Schmid 18 Oct 31, 2022
Computational Component of Polkadot Network
Computational Component of Polkadot Network

Gear is a new Polkadot/Kusama parachain and most advanced L2 smart-contract engine allowing anyone to launch any dApp for networks with untrusted code.

null 145 Dec 19, 2022
Fullstack development framework for UTXO-based dapps on Nervos Network

Trampoline-rs The framework for building powerful dApps on the number one UTXO chain, Nervos Network CKB. This is an early-stage, currently very incom

TannrA 2 Mar 25, 2022
Official Implementation of Findora Network.

Findora Platform Wiki Contribution Guide Licensing The primary license for Platform is the Business Source License 1.1 (BUSL-1.1), see LICENSE. Except

Findora Foundation 61 Dec 9, 2022
Simple in-network file transfer with barely any overhead.

fftp fftp is the "Fast File Transport Protocol". It transfers files quickly between computers on a network with low overhead. Motivation FTP uses two

leo 4 May 12, 2022
A cross-platform, user-space WireGuard port-forwarder that requires no system network configurations.

Cross-platform, user-space WireGuard port-forwarder that requires no system network configurations.

Aram Peres 629 Jan 4, 2023
An implementation of the CESS network supported by CESS LAB.
An implementation of the CESS network supported by CESS LAB.

--------- 🌌 ---------An infrastructure of decentralized cloud data network built with Substrate-------- 🌌 -------- ---------------- 🌌 -------------

Cess Project 249 Dec 26, 2022
Comments
  • Tweak Makefile

    Tweak Makefile

    Some tweaks for the Makefile that allow for more granular testing. Also created some .PHONY targets for building the proxy and the client. This should be a good start. More tightening will be required later but I didn't want to go overboard because we will likely be able to leverage netavarks Makefile at some point (when we merge?)

    Added validate target. This runs cargo fmt and clippy to ensure code is clean and valid. Consider running this before each commit.

    Signed-off-by: Brent Baude [email protected]

    opened by baude 1
  • Lots of changes

    Lots of changes

    This PR is a culmination of changes:

    • Remove IPResponse struct and replace with Lease.
    • Add CLI options to client for:
      • --file read config from file
      • --port use a non-default grpc-port
      • read config from command line (/dev/stdin)
    • Small tweaks to the Makefile
    • Push client code from client.rs to commands/setup|teardown.rs
    • Add test configuration file

    Signed-off-by: Brent Baude [email protected]

    opened by baude 0
Owner
Jack
Studying Computer science at the UMN. Interested in systems and network engineering.
Jack
GitHub
RusTCP is an attempt to rewrite some of the PyTCP stack functionality using Rust language.

RusTCP is an attempt to rewrite some of the PyTCP stack functionality using Rust language. Currently, the main goal of this project is to create a stable IPv6 platform that could be used to facilitate the process of labing the SRv6 technology.

Sebastian Majewski 3 Dec 5, 2022
Crate extending futures stream combinators, that is adding precise rate limiter

stream-rate-limiter Stream combinator .rate_limiter(opt: RateLimitOptions) Provides way to limit stream element rate with constant intervals. It adds

null 3 Jul 23, 2023
netavark: A container network stack

netavark: A container network stack Netavark is a rust based network stack for containers. It is being designed to work with Podman but is also applic

Containers 230 Jan 2, 2023
Docker containers on a synthetic network. Run applications in a context that lets you manipulate their network conditions.

Synthetic Network Docker containers on a synthetic network. Run applications in a context that lets you manipulate their network conditions. Dependenc

Daily 58 Dec 15, 2022
a smol tcp/ip stack

smoltcp smoltcp is a standalone, event-driven TCP/IP stack that is designed for bare-metal, real-time systems. Its design goals are simplicity and rob

smoltcp 2.8k Jan 4, 2023
The Rust Implementation of libp2p networking stack.

Central repository for work on libp2p This repository is the central place for Rust development of the libp2p spec. Warning: While we are trying our b

libp2p 3k Jan 4, 2023
Fast User-Space TCP/UDP Stack

Catnip Catnip is a TCP/IP stack that focuses on being an embeddable, low-latency solution for user-space networking. Building and Running 1. Clone Thi

Demikernel 79 Sep 9, 2022
🤖 brwrs is a new protocol running over TCP/IP that is intended to be a suitable candidate for terminal-only servers

brwrs is a new protocol running over TCP/IP that is intended to be a suitable candidate for terminal-only servers (plain text data). That is, although it can be accessed from a browser, brwrs will not correctly interpret the browser's GET request.

daCoUSB 3 Jul 30, 2021
Network simulation in Rust

netsim - A Rust library for network simulation and testing (currently linux-only). netsim is a crate for simulating networks for the sake of testing n

Andrew Cann 115 Dec 15, 2022
A private network system that uses WireGuard under the hood.

innernet A private network system that uses WireGuard under the hood. See the announcement blog post for a longer-winded explanation. innernet is simi

Tonari, Inc 4.1k Dec 29, 2022