-
I'm working on a project where I'd like containers to be directly accessible via IP from the host. This works in the privileged daemon, but with rootless it's only accessible via the rootlesskit namespace. I assume this has to do with rootlesskit's default networking setup and I'd like to change this if possible. I'm binding the containers to |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
unprivileged user cannot manage the host network stack. for this reason we pass through rootlesskit namespace ( to acheive this, a workaroud is to nsenter into the container namespace from host and then access container using the container ip :
from host, nsenter container network ns :
|
Beta Was this translation helpful? Give feedback.
unprivileged user cannot manage the host network stack. for this reason we pass through rootlesskit namespace (
slirp4netns
) to go outside.to acheive this, a workaroud is to nsenter into the container namespace from host and then access container using the container ip :
get container pid
: