Gregory's Serverthe network. AF_VSOCK is an address family that is supported on many hypervisors (including kvm/qemu), that allows talking to VMs without bothering with a real network. It's modeled after IP but can be vastly simpler since there's no routing or anything. The aforementioned generator just binds ssh to AV_VSOCK port 22, via socket activation (this is hence more or less "free"), and only if sshd is actually installed. Moreover, if a container mgr mounts /run/host/unix-export/ into the container…
|
3 comments
 @siosm anyway, the PR is here: https://github.com/systemd/systemd/pull/30777 The PR is almost ready, I just need to add some test cases. Enjoy. |
… the generator will bind an AF_UNIX socket into it also providing ssh. The idea is that that dir is mounted both into the container and into the host, so that the AF_UNIX is accessible from both. The other side of the equation is that a tiny plugin for the ssh client which allows connecting to AF_VSOCK/AF_UNIX sockets. In effect: without any further manual configuration full OS containers and VMs are now accessible from the host without any networking. Just run "ssh vsock/4711" or …