On 2020-12-13 19:57, fugkco via Podman wrote:
Hello all,
I have a pod that has a service running that has to run on a VPN. I've been able to
make this setup work and I'm able to access the service on my local network too.
The setup is:
> podman pod create --name=mypod --share net -p 8080:8080
> podman run -d --name=vpn --cap-add=NET_ADMIN --device /dev/net/tun --restart unless-stopped openvpn
> podman run -d --name=myservice --restart unless-stopped myservice
I've now figured out that the container `myservice` may also need a non-vpn
connection. Therefore I'd like to add an additional nic to the container, that
_isn't_ running over the VPN.
Is there a solution at all for this?
Failing that, I can set up a small proxy within the same pod that I can point `myservice`
to. Would it be possible to ensure said proxy doesn't run over the VPN?
Note, I'm aware that I could potentially run aforementioned proxy on a separate pod,
and then point myservice to the proxy pod, though I'd like to avoid that if possible.
Happy to provide additional clarifications.
Thanks
_______________________________________________
Podman 2.2.x and up support the `podman network connect` command, and
I believe it will do what you're asking - take an existing container,
and connect it to a new network. Since you want to affect the whole
pod, find the pod's infra container (look for the ID in `podman pod
inspect` in the `InfraContainerID` field) and do a `network connect`
on that container.
Please note that `network connect` needs the container to be running
for the moment - that bit should be addressed in 3.0 and up, where it
will also work on non-running containers.
Thanks,
Matt Heon
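
The procedure from the reply above as a script, added here as an example and not taken from the thread or from the Podman project. It assumes the pod name `mypod` from the original post; the network name `direct` and both function names are hypothetical.

```shell
#!/bin/sh
# Attach an extra network to every container in a pod by connecting the
# pod's infra container, which owns the pod's shared network namespace.
# Assumed names: pod "mypod" (from the post), network "direct" (hypothetical).

pod_infra_id() {
    # InfraContainerID is the field named in the reply above.
    podman pod inspect --format '{{.InfraContainerID}}' "$1"
}

connect_pod_to_network() {
    pod=$1
    net=$2

    infra=$(pod_infra_id "$pod") || return 1
    if [ -z "$infra" ]; then
        echo "pod $pod has no infra container" >&2
        return 1
    fi

    # On 2.2.x, network connect only works on a running container,
    # so refuse early with a distinct exit code instead of failing later.
    running=$(podman container inspect --format '{{.State.Running}}' "$infra") || return 1
    if [ "$running" != "true" ]; then
        echo "infra container $infra is not running; start the pod first" >&2
        return 2
    fi

    # Create the network only if it does not exist yet.
    podman network inspect "$net" >/dev/null 2>&1 ||
        podman network create "$net" >/dev/null || return 1

    podman network connect "$net" "$infra" || return 1

    # Print the infra container ID that was connected.
    echo "$infra"
}

# Usage: connect_pod_to_network mypod direct
```
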