Open rgbkrk opened 8 years ago
ghost
commented
8 years ago I looked through docker-py and found the create_network function to be too restricted.
create_network only accepts a name for the network, and a driver. Looks like there is no equivalent for the -o option here.
I opened a PR on the docker-py repository, adding the required feature.
rgbkrk
commented
8 years ago Well done!
ghost
commented
8 years ago Thanks :smile:
rgbkrk
commented
8 years ago Looks like you got your networking stuff merged! Yay!
Time for the tmpnb side.
ghost
commented
8 years ago There has not been a release for docker-py with my changes included yet. Also, I remember getting stuck somewhere, and then I got distracted by some other stuff.
I'll try and get it done this time, thanks for reminding me :+1:
rgbkrk
commented
8 years ago Drat! That's ok.
ghost
commented
8 years ago I've been unable to find the time to take a look at this. A new release of docker-py has happened, so this can be picked up be anyone.
rgbkrk
commented
8 years ago Awesome, thanks for your upstream work @sumitsahrawat
rgbkrk
commented
8 years ago Ok, the first thing I'm going to add on for this is the ability to specify the networks for tmpnb and userland containers. After that I'll look into auto-setting up a private network for tmpnb with the locked down settings from above.
With the arrival of Docker 1.9, we can now set up isolated networks or any myriad of networking setups directly with the Docker API. As mentioned on an issue on libnetwork, we can do what we did before in tmpnb deploy, locking down each container to not have generic internet access or intercontainer communication.
We need to do this programmatically with the docker API, via docker-py. In addition to code, we'll also want to bump the version of docker-py we support and make sure we work well with Docker 1.9, 1.10, the future.