| ▲ | amluto 9 hours ago | |
> You can run separate containers in the same network namespace with the "--network" option [0].

Oh, right, thanks. I think I did notice that last time I dug into this. But:

> or you can manually create a new netns with "podman network create <name>" and then join all the containers to it with "--network=<name>".

I don’t think this has the desired effect at all. And the docs for podman network connect don’t mention pods at all, which is odd.

In general, I have not been very impressed by podman.

Incidentally, apptainer seems to have a more or less first class ability to join an existing netns, and it supports CNI. Maybe I should give it a try.
| ▲ | gucci-on-fleek 2 hours ago | |
> > or you can manually create a new netns with "podman network create <name>" and then join all the containers to it with "--network=<name>".

> I don’t think this has the desired effect at all.

Well I'm not entirely sure what effect you're wanting here, but I use this option for some of the containers that I run, and it makes it so that all containers in that network can reach each other, while anything outside that network can't.

You can also use "--network=ns:/run/user/$UID/netns/<file-name>" to join a container to a manually created network namespace (created with "ip netns add <file-name>") if you need more control.