By default, the container network type is bridge.
Allow ptp plugin to work with network namespaces
https://www.cni.dev/plugins/current/main/ptp/
Proposed syntax:
set container network xxx type bridge(default)|ptp
Here is an example CNI configuration for ptp:
{
  "cniVersion": "0.4.0",
  "name": "ptp",
  "plugins": [
    {
      "type": "ptp",
      "isGateway": false,
      "ipMasq": false,
      "hairpinMode": false,
      "ipam": {
        "type": "host-local",
        "routes": [
          { "dst": "0.0.0.0/0" }
        ],
        "ranges": [
          [
            { "gateway": "172.16.24.1", "subnet": "172.16.24.0/24" }
          ]
        ]
      }
    }
  ]
}
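Each new container gets its own network namespace, connected to the host by a dedicated veth pair instead of a shared bridge. Traffic between containers is therefore routed by the host, where it can be filtered, and with "ipMasq": false the container addresses are not source-NATed when they leave the host: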
On host system:
podman run -dit --net ptp fedora
podman run -dit --net ptp fedora
podman run -dit --net ptp fedora
podman run -dit --net ptp fedora
root@r11-roll:/home/vyos# sudo ip link show | grep veth -A 2
7: veth89baf54d@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
    link/ether 16:f9:4e:a2:f3:14 brd ff:ff:ff:ff:ff:ff link-netns cni-d59f5927-0ada-5e7e-043b-ce53a16aaae6
8: vethc1763497@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
    link/ether d2:c8:76:cf:50:ea brd ff:ff:ff:ff:ff:ff link-netns cni-c7ab2335-a569-4707-597f-6d9ab1f2130c
10: vetha181bf8f@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
    link/ether 1a:16:c7:82:af:6f brd ff:ff:ff:ff:ff:ff link-netns cni-f09e6b7d-9f25-7775-24a6-298e28b94609
11: veth68646c06@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
    link/ether e2:de:e9:3e:ab:ba brd ff:ff:ff:ff:ff:ff link-netns cni-896855e0-3919-66b2-662a-ed9d0c875e0c
root@r11-roll:/home/vyos#
Check the autogenerated network namespaces (one per container):
root@r11-roll:/home/vyos# sudo podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7b6b848547d9 registry.fedoraproject.org/fedora:latest /bin/bash About an hour ago Up About an hour ago epic_agnesi
d2c3dae2c313 registry.fedoraproject.org/fedora:latest /bin/bash About an hour ago Up About an hour ago crazy_lichterman
8c1827652dfb registry.fedoraproject.org/fedora:latest /bin/bash 18 minutes ago Up 18 minutes ago naughty_keldysh
c3e65aabaa10 registry.fedoraproject.org/fedora:latest /bin/bash 10 minutes ago Up 10 minutes ago naughty_euclid
root@r11-roll:/home/vyos#
root@r11-roll:/home/vyos# sudo ip netns ls
cni-896855e0-3919-66b2-662a-ed9d0c875e0c (id: 3)
cni-f09e6b7d-9f25-7775-24a6-298e28b94609 (id: 2)
cni-c7ab2335-a569-4707-597f-6d9ab1f2130c (id: 1)
cni-d59f5927-0ada-5e7e-043b-ce53a16aaae6 (id: 0)
root@r11-roll:/home/vyos#
Run commands inside a container's network namespace from the host system:
root@r11-roll:/home/vyos# ip netns exec cni-896855e0-3919-66b2-662a-ed9d0c875e0c ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
    link/ether c2:50:0b:15:0f:7d brd ff:ff:ff:ff:ff:ff link-netnsid 0
root@r11-roll:/home/vyos#
root@r11-roll:/home/vyos# ip netns exec cni-896855e0-3919-66b2-662a-ed9d0c875e0c ip route
default via 172.16.24.1 dev eth0
172.16.24.0/24 via 172.16.24.1 dev eth0 src 172.16.24.8
172.16.24.1 dev eth0 scope link src 172.16.24.8
root@r11-roll:/home/vyos#