From da7595a69fc15d131c9d8123d0a165bdde4232b6 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Thu, 28 Nov 2019 23:33:42 +0900 Subject: rootless: use RootlessKit port forwarder RootlessKit port forwarder has a lot of advantages over the slirp4netns port forwarder: * Very high throughput. Benchmark result on Travis: socat: 5.2 Gbps, slirp4netns: 8.3 Gbps, RootlessKit: 27.3 Gbps (https://travis-ci.org/rootless-containers/rootlesskit/builds/597056377) * Connections from the host are treated as 127.0.0.1 rather than 10.0.2.2 in the namespace. No UDP issue (#4586) * No tcp_rmem issue (#4537) * Probably works with IPv6. Even if not, it is trivial to support IPv6. (#4311) * Easily extensible for future support of SCTP * Easily extensible for future support of `lxc-user-nic` SUID network RootlessKit port forwarder has been already adopted as the default port forwarder by Rootless Docker/Moby, and no issue has been reported AFAIK. As the port forwarder is imported as a Go package, no `rootlesskit` binary is required for Podman. Fix #4586 May-fix #4559 Fix #4537 May-fix #4311 See https://github.com/rootless-containers/rootlesskit/blob/v0.7.0/pkg/port/builtin/builtin.go Signed-off-by: Akihiro Suda --- libpod/container.go | 3 +++ 1 file changed, 3 insertions(+) (limited to 'libpod/container.go') diff --git a/libpod/container.go b/libpod/container.go index 2693190b5..edf72f4ee 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -135,6 +135,9 @@ type Container struct { rootlessSlirpSyncR *os.File rootlessSlirpSyncW *os.File + rootlessPortSyncR *os.File + rootlessPortSyncW *os.File + // A restored container should have the same IP address as before // being checkpointed. If requestedIP is set it will be used instead // of config.StaticIP. -- cgit v1.2.3-54-g00ecf