I wonder if it is possible to do via CNI plugin.
On Wed, Oct 13, 2021 at 12:16 PM Daniel Walsh <dwalsh(a)redhat.com> wrote:
On 10/12/21 14:48, Maximilian Ehlers wrote:
> Hello everyone,
>
> for a while I have been using containers that join themselves into a
> VPN via their entrypoint script.
>
> Only a small CIDR is forwarded to that private network and all other
> traffic gets routed over the bridged network via the host.
>
> In my exact use case the containers use WireGuard and need the
> following configurations:
>
> - private key (public keys can be derived)
> - public key of an endpoint
> - network routable IP of an endpoint
> - Port of the endpoint
> - CIDR to route to endpoint
>
> Optionally multiple endpoints could be specified.
>
> As this hack inside the entrypoint is not the most elegant way (DRY)
> and so on, I would like to ask whether or not it would be possible to
> integrate this functionality into podman.
>
> Specifically to integrate support for a WireGuard interface
> configurable via CLI flags/config && together with this giving a
> container multiple network interfaces at spawn with the ability to
> specify which CIDR should route to which interface.
>
> Implementing this would be an interesting challenge for me if it is at
> all possible (or am I wasting my time here?).
>
> Any hints as to how I could proceed in implementing and testing this in
> a fork of the project would be much appreciated!
>
> Thanks a lot
>
> Max <b-m-f>
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
Network guys what do you think?
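
Added example (not from the thread and not Podman code): an entrypoint helper that turns the five settings listed in the original request into a single-peer WireGuard config, reading the private key from a file and refusing a routed CIDR that would capture all traffic. The `WG_*` variable names and every sample value are assumptions, and only IPv4 CIDRs are handled.

```shell
#!/bin/sh
# Added example; the WG_* variable names are assumptions, not Podman options.

# Accept only an IPv4 CIDR with a prefix of 1-32, so the tunnel can never
# become the default route (the thread wants only a small CIDR forwarded).
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*} len=${1#*/}
    case "$addr" in ''|*[!0-9.]*|*.) return 1 ;; esac
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -ge 1 ] && [ "$len" -le 32 ] || return 1
    # Split the address on dots and require four octets in 0-255.
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print a config for one peer. The private key is read from a file so it
# does not have to be passed in argv or in the container's environment.
render_wg_conf() {
    [ -r "${WG_PRIVATE_KEY_FILE:-}" ] || { echo "private key file unreadable" >&2; return 1; }
    [ -n "${WG_PEER_PUBLIC_KEY:-}" ] && [ -n "${WG_PEER_HOST:-}" ] || return 1
    case "${WG_PEER_PORT:-}" in ''|*[!0-9]*) return 1 ;; esac
    [ "$WG_PEER_PORT" -ge 1 ] && [ "$WG_PEER_PORT" -le 65535 ] || return 1
    valid_cidr "${WG_ROUTED_CIDR:-}" || { echo "bad routed CIDR" >&2; return 1; }
    printf '[Interface]\nPrivateKey = %s\n\n' "$(cat "$WG_PRIVATE_KEY_FILE")"
    printf '[Peer]\nPublicKey = %s\nEndpoint = %s:%s\nAllowedIPs = %s\n' \
        "$WG_PEER_PUBLIC_KEY" "$WG_PEER_HOST" "$WG_PEER_PORT" "$WG_ROUTED_CIDR"
}

# Write the config with owner-only permissions (umask is set in a subshell).
write_wg_conf() ( umask 077; render_wg_conf > "$1" )

# Typical entrypoint use (path is an assumption):
#   write_wg_conf /etc/wireguard/wg0.conf || exit 1
```

Because `AllowedIPs` holds only the validated CIDR, everything else keeps leaving through the container's bridged interface, which is the split described in the request.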