LXC vs Incus with Wireguard -- how?
45 views
Skip to first unread message
John Hallam
Mar 20, 2024, 4:03:19 AMMar 20
to lxc-...@lists.linuxcontainers.org
I am currently using LXC (without LXD) with Wireguard and am
considering whether to switch to Incus for instance management.
To include a Wireguard interface in an LXC container I create it in
the host network namespace and declare it as a 'physical' interface in
the container config (see [1] for how Wireguard and containers work
together). The creation is handled by an LXC hook script.
Having read the Incus documentation, I don't see how to do this when
using Incus to launch an instance -- specifically, how to create the
interface in the host netns just before Incus needs to move into the
container netns.
Can anyone suggest the/an official way of handling this? Pointers to
the 'right' documentation for this use case would be much appreciated.
John Hallam
[1] https://www.wireguard.com/netns/
considering whether to switch to Incus for instance management.
To include a Wireguard interface in an LXC container I create it in
the host network namespace and declare it as a 'physical' interface in
the container config (see [1] for how Wireguard and containers work
together). The creation is handled by an LXC hook script.
Having read the Incus documentation, I don't see how to do this when
using Incus to launch an instance -- specifically, how to create the
interface in the host netns just before Incus needs to move into the
container netns.
Can anyone suggest the/an official way of handling this? Pointers to
the 'right' documentation for this use case would be much appreciated.
John Hallam
[1] https://www.wireguard.com/netns/
Reply all
Reply to author
Forward
0 new messages