usage() {
cat <<EOF
usage: ${0##*/} [OPTS] start|stop NS_NAME
-Setup new or systemd created network namespace with nat and mount namespace
+Setup & optionally create, a network namespace with nat and a mount namespace
--c, --create Create network namespace. For running outside systemd private net.
+-c, --create Create a named network namespace. When running from
+ the same network namespace as pid 1, this is set automatically.
+ This is the case when running outside a systemd created
+ private network.
-h, --help Show this help and exit.
From within a systemd network namespace, nat it to the outside. This
would be called from ExecStartPre, and or subsequent units called with
JoinsNamespaceOf= and PrivateNetwork=true.
-If given -c, or if in the default network namespace, create a named
-network namepace natted to the current netns.
-
Uses /24 network, finding the first locally unused one starting at
10.173.0.
Background:
This script does not make the namespace be named like ip does, because
-the naming is not necessary, although it could have with some more
-work. For debugging and joining the namespace with a bash shell, I use
-nsenter -n -m -t $(pgrep PROCESS_IN_NAMESPACE). Note: if I knew how to
-easily ask systemd what pid a unit has, i would do that.
+the naming is not necessary, although it could have been done with some
+more work. For debugging and joining the namespace with a bash shell, I
+use nsenter -n -m -t $(pgrep PROCESS_IN_NAMESPACE) bash. Note: if I
+knew how to easily ask systemd what pid a unit has, i would do that.
"ip netns new ..." also does a mount namespace, then bind
mounts each file/dir in /etc/netns/NS_NAME to /etc/NS_NAME. Note,
iankelling.org / git / newns / blobdiff