Thank you Jason. Your code looks good, but after some search and
reading, I found it's a very very complicate issue for networking
between containers, it may not available to manage it in a declarative
way(or say Guix way).
So I decide to continue to use Docker, and leave iptables for Docker to
p
Hi Zihao,
It sounds like you're running Guix for your host OS and want to have Guix
containers inside of that? If that's so, then my existing config won't be
much use to you: right now I'm running my Guix containers (the `guix system
container` shell scripts) inside of Debian via systemd.
But in
I try to search a lightweight network sharing solution for containers
without Docker. But when my search query contains keyword "container",
almost all results referring to Docker... :(
--
Retrieve my PGP public key: https://meta.sr.ht/~citreu.pgp
Zihao
signature.asc
Description: PGP signatur
That's what I want to say, thank you!
I want to combine different software in containers in docker-compose
like way. It's more similar with a system container then a `guix
environment` container.
I'm not a Docker hater, but docker will corrupt your iptables entry and
make the system impure. If y
Hi Edouard, I completely agree that this sort of composition is convenient
for a group of services that share a single dependency graph. For example,
when deploying a web application in a container, one could also provide an
nginx server there for its exclusive use, and maybe even a database server
The trick is that guix being written in scheme, operating system
declarations can be written in a composable way, where the port N can be
a parameter.
The way I see it, it is when you compose all your services together on
one host that you decide which service gets which port, and declare all
th
I agree with Zihao that containers have certain use cases where it's
important to use separate network namespaces for each instance, with
traffic forwarded selectively between host and guest. Security (and hence
firewalling) is part of the issue, but it's also about the container's
maintainability
zimoun writes:
> Hi,
>
> On Fri, 20 Nov 2020 at 19:26, Christopher Baines wrote:
>> Zhu Zihao writes:
>>
>>> I found guix container "created by `guix environment --container` or
>>> `guix system container`" is very useful to isolate some service. But
>>> it only supports fully isolated network
Hi,
On Fri, 20 Nov 2020 at 19:26, Christopher Baines wrote:
> Zhu Zihao writes:
>
>> I found guix container "created by `guix environment --container` or
>> `guix system container`" is very useful to isolate some service. But
>> it only supports fully isolated network namespace or just share wit
Zhu Zihao writes:
> I found guix container "created by `guix environment --container` or
> `guix system container`" is very useful to isolate some service. But
> it only supports fully isolated network namespace or just share with
> host, it's not so safe IMO.
I'll assume that a fully isolated
"Zhu Zihao" writes:
> Hi, Guix users!
>
>
> I found guix container "created by `guix
> environment --container` or `guix system
> container`" is very useful to isolate some
> service. But it only supports fully isolated
> network namespace or just share with host, it's
> not so safe IMO.
>
>
>
>
Hi, Guix users!
I found guix container "created by `guix environment --container` or `guix
system container`" is very useful to isolate some service. But it only supports
fully isolated network namespace or just share with host, it's not so safe IMO.
In Docker, there's port forwarding, allow
12 matches
Mail list logo