|  No hay comentarios

NSS−MYMACHINES

NAME
SYNOPSIS
DESCRIPTION
CONFIGURATION IN /ETC/NSSWITCH.CONF
EXAMPLE: MAPPINGS PROVIDED BY NSS−MYMACHINES
SEE ALSO

NAME

nss-mymachines, libnss_mymachines.so.2 − Hostname resolution for local container instances

SYNOPSIS

libnss_mymachines.so.2

DESCRIPTION

nss−mymachines is a plug−in module for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc), providing hostname resolution for the names of containers running locally that are registered with systemd-machined.service(8). The container names are resolved to the IP addresses of the specific container, ordered by their scope. This functionality only applies to containers using network namespacing (see the description of −−private−network in systemd-nspawn(1)). Note that the name that is resolved is the one registered with systemd−machined, which may be different than the hostname configured inside of the container.

To activate the NSS module, add “mymachines” to the line starting with “hosts:” in /etc/nsswitch.conf.

It is recommended to place “mymachines” after the “files” or “compat” entry of the /etc/nsswitch.conf line to make sure that its mappings are preferred over other resolvers such as DNS, but so that /etc/hosts based mappings take precedence.

CONFIGURATION IN /ETC/NSSWITCH.CONF

Here is an example /etc/nsswitch.conf file that enables nss−mymachines correctly:

passwd: compat systemd
group: compat systemd
shadow: compat

hosts: mymachines resolve [!UNAVAIL=return] myhostname files dns
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis

EXAMPLE: MAPPINGS PROVIDED BY NSS−MYMACHINES

The container “rawhide” is spawned using systemd-nspawn(1):

# systemd−nspawn −M rawhide −−boot −−network−veth −−private−users=pick
Spawning container rawhide on /var/lib/machines/rawhide.
Selected user namespace base 20119552 and range 65536.

$ machinectl −−max−addresses=3
MACHINE CLASS SERVICE OS VERSION ADDRESSES
rawhide container systemd−nspawn fedora 30 169.254.40.164 fe80::94aa:3aff:fe7b:d4b9

$ ping −c1 rawhide
PING rawhide(fe80::94aa:3aff:fe7b:d4b9%ve−rawhide (fe80::94aa:3aff:fe7b:d4b9%ve−rawhide)) 56 data bytes
64 bytes from fe80::94aa:3aff:fe7b:d4b9%ve−rawhide (fe80::94aa:3aff:fe7b:d4b9%ve−rawhide): icmp_seq=1 ttl=64 time=0.045 ms

$ ping −c1 −4 rawhide
PING rawhide (169.254.40.164) 56(84) bytes of data.
64 bytes from 169.254.40.164 (169.254.40.164): icmp_seq=1 ttl=64 time=0.064 ms

# machinectl shell rawhide /sbin/ip a
Connected to machine rawhide. Press ^] three times within 1s to exit session.
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

2: host0@if21: mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 96:aa:3a:7b:d4:b9 brd ff:ff:ff:ff:ff:ff link−netnsid 0
inet 169.254.40.164/16 brd 169.254.255.255 scope link host0
valid_lft forever preferred_lft forever
inet6 fe80::94aa:3aff:fe7b:d4b9/64 scope link
valid_lft forever preferred_lft forever
Connection to machine rawhide terminated.

SEE ALSO

systemd(1), systemd-machined.service(8), machinectl(1), nss-systemd(8), nss-resolve(8), nss-myhostname(8), nsswitch.conf(5), getent(1)

Etiquetas: , , ,