diff options
| author | Paul Holzinger <paul.holzinger@web.de> | 2021-03-29 18:57:54 +0200 |
|---|---|---|
| committer | Paul Holzinger <paul.holzinger@web.de> | 2021-04-07 15:54:12 +0200 |
| commit | 0a39ad196cf4af601b0ea32b2c0e0490c9079377 (patch) | |
| tree | bb13c7343185c3c42356b16a4e9f55508ea6f786 /docs/source/markdown | |
| parent | 0e67053b9a26f20e5ccbffdcc5e7a84254ca16b8 (diff) | |
| download | podman-0a39ad196cf4af601b0ea32b2c0e0490c9079377.tar.gz podman-0a39ad196cf4af601b0ea32b2c0e0490c9079377.tar.bz2 podman-0a39ad196cf4af601b0ea32b2c0e0490c9079377.zip | |
podman unshare: add --rootless-cni to join the ns
Add a new --rootless-cni option to podman unshare to also join the
rootless-cni network namespace. This is useful if you want to connect
to a rootless container via IP address. This is only possible from the
rootless-cni namespace and not from the host namespace. This option also
helps to debug problems in the rootless-cni namespace.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Diffstat (limited to 'docs/source/markdown')
| -rw-r--r-- | docs/source/markdown/podman-unshare.1.md | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/docs/source/markdown/podman-unshare.1.md b/docs/source/markdown/podman-unshare.1.md index 239213981..4451ad79c 100644 --- a/docs/source/markdown/podman-unshare.1.md +++ b/docs/source/markdown/podman-unshare.1.md @@ -24,6 +24,19 @@ The unshare session defines two environment variables: - **CONTAINERS_GRAPHROOT**: the path to the persistent container's data. - **CONTAINERS_RUNROOT**: the path to the volatile container's data. +## OPTIONS + +#### **\-\-help**, **-h** + +Print usage statement + +#### **\-\-rootless-cni** + +Join the rootless network namespace used for CNI networking. It can be used to +connect to a rootless container via IP address (CNI networking). This is otherwise +not possible from the host network namespace. +_Note: Using this option with more than one unshare session can have unexpected results._ + ## EXAMPLE ``` @@ -35,6 +48,30 @@ $ podman unshare cat /proc/self/uid_map /proc/self/gid_map 1 10000 65536 0 1000 1 1 10000 65536 + +$ podman unshare --rootless-cni ip addr +1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host + valid_lft forever preferred_lft forever +2: tap0: <BROADCAST,UP,LOWER_UP> mtu 65520 qdisc fq_codel state UNKNOWN group default qlen 1000 + link/ether 36:0e:4a:c7:45:7e brd ff:ff:ff:ff:ff:ff + inet 10.0.2.100/24 brd 10.0.2.255 scope global tap0 + valid_lft forever preferred_lft forever + inet6 fe80::340e:4aff:fec7:457e/64 scope link + valid_lft forever preferred_lft forever +3: cni-podman2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 + link/ether 5e:3a:71:d2:b4:3a brd ff:ff:ff:ff:ff:ff + inet 10.89.1.1/24 brd 10.89.1.255 scope global cni-podman2 + valid_lft forever preferred_lft forever + inet6 fe80::5c3a:71ff:fed2:b43a/64 scope link + valid_lft forever preferred_lft forever +4: vethd4ba3a2f@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cni-podman2 state UP group default + link/ether 8a:c9:56:32:17:0c brd ff:ff:ff:ff:ff:ff link-netnsid 0 + inet6 fe80::88c9:56ff:fe32:170c/64 scope link + valid_lft forever preferred_lft forever ``` |