firecracker-containerd icon indicating copy to clipboard operation
firecracker-containerd copied to clipboard

Published 20 hours ago verified publisher icon firecracker-microvm

Runtime should support networking

Open xibz opened this issue 6 years ago • 1 comments

  • [ ] runtime should support DNS config
  • [ ] runtime should support port mapping with host port and container port
  • [ ] runtime should support port mapping with only container port

xibz avatar Feb 07 '19 21:02 xibz

Some preliminary thoughts on this in relation to the CNI support being added to Firecracker-containerd:

The CNI support for Firecracker-containerd allows VMs as a whole to be spun up in a CNI-configured network namespace, so containers that want access to that CNI-configured network need to use their "host" netns (which is actually the Firecracker VM guest's netns).

For CRI-containerd specifically, one valid approach may be to specify that the "sandbox" container use the "host" netns, which will then result in all other containers in the pod using that same netns. This in theory should have an end effect of all containers in the pod have network access to the VM's CNI-configured network.

sipsma avatar Sep 20 '19 18:09 sipsma