Open davidchisnall opened 3 years ago
My initial plan was to open issues for the things that needed work done and mark whether I had planned to do them myself or wanted help, but I seem to have not done that yet, so here's a list off the top of my head:
I do still want to do a bunch of this work myself; I've just struggled to find the free time to work on runj over the past several months. Per the contribution policy, if you're interested in working on something, please create an issue describing what you'd like to do first so we can talk about it (and I can decide whether I'd like help on that front).
Happy to discuss more here if anything is unclear.
Thanks. I'm interested (time permitting) in working on some of the network integration (vnet + pf). Pot already seems to manage this reasonably well, so should provide a good reference. I don't have a very good understanding of how the various bits (containerd / runj / CNI) fit together (all of the docs seem to assume that you know everything already and throw terminology at you).
You shouldn't need nested jails for jail-to-jail networking, you 'just' need to set up the routing.
You could take a look at my moby port. It has (barebones) working network and barebones pf support.
The strategy I used is creating a base jail that allows for a child jail to be spawned that does the vnet network, and a child jail that is the actual container. The rationale being that Linux containers lack the tools to configure the FreeBSD network stack, and Kubernetes pods assuming a shared network namespace.
I still have a PR open here that needs more work on it, but unfortunately I've been swamped with other commitments.
I've opened https://github.com/samuelkarp/runj/issues/20 to specifically cover networking and leave this issue open for its original purpose.
It would be great to have a to-do list that people who want to contribute can look at and see what still needs doing. I am not sure that I fully understand the separation of concerns between containerd and runj, so I don't know if things are missing from runj because containerd implements them or if they still need doing.