aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaul Holzinger <paul.holzinger@web.de>2021-05-15 12:02:44 +0200
committerPaul Holzinger <paul.holzinger@web.de>2021-05-15 22:46:53 +0200
commit460182dc5dc4caf2199b46370882237e6735fa3b (patch)
tree04822d38fbf03d0a2bb212f03419e8cb967f4f97
parent90a12acb7e4851b4b1b672ec06a4628af5f8954e (diff)
downloadpodman-460182dc5dc4caf2199b46370882237e6735fa3b.tar.gz
podman-460182dc5dc4caf2199b46370882237e6735fa3b.tar.bz2
podman-460182dc5dc4caf2199b46370882237e6735fa3b.zip
network tutorial: update with rootless cni changes
Starting with podman v3.2 rootless cni will work without the rootless-cni-infra container. Update the network tutorial to reflect the latest changes and mention that the infra container can be removed. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
-rw-r--r--docs/tutorials/basic_networking.md16
1 files changed, 10 insertions, 6 deletions
diff --git a/docs/tutorials/basic_networking.md b/docs/tutorials/basic_networking.md
index 51dfa7564..850bf6681 100644
--- a/docs/tutorials/basic_networking.md
+++ b/docs/tutorials/basic_networking.md
@@ -87,12 +87,16 @@ network, and the one will be created as a bridge network.
$ podman network create
```
-When rootless containers are run with a CNI networking configuration, a “side-car”
-container for running CNI is also run. Do not remove this container while your rootless
-containers are running. if you remove this container (e.g by accident) all attached
-containers lose network connectivity. In order to restore the network connectivity
-all containers with networks must be restarted. This will automatically recreate
-the "side-car" container. For rootfull containers, there is no “side-car” container
+When rootless containers are run with a CNI networking configuration, CNI operations
+will be executed inside an extra network namespace. To join this namespace, use
+`podman unshare --rootless-cni`. Podman version 3.1 and earlier use a special “side-car”
+container called rootless-cni-infra. Do not remove this container while your rootless
+containers are running. If you remove this container (e.g. by accident), all attached
+containers lose network connectivity. In order to restore the network connectivity, all
+containers with networks must be restarted. This will automatically recreate the "side-car"
+container. When you are using version 3.2 or newer the “side-car” container can be
+safely removed. Therefore, it is no longer used.
+For rootfull containers, there is no extra namespace or “side-car” container
as rootfull users have the permissions to create and modify network interfaces on
the host.