On Fri, 17.04.15 23:27, [email protected] ([email protected]) wrote:

> Hi,
>
> I am having trouble with socket-activated containers, where the socket
> is first opened outside the container, on an interface/IP address that
> is then passed in to the container.
>
> In short, when I try to ssh to the IP address of the container, the
> container is indeed activated as it should be, but ssh fails with:
>
> Read from socket failed: Connection reset by peer
>
> I believe this is due to the ssh connection successfully starting then
> being interrupted by something unknown before it can prompt for a
> password, but not sure what this unknown thing is - systemd, networking
> setup, something else?
>
> In more detail, I have a script, interface-setup.sh, to create a
> veth. (Contents of the script are at the end of this email.) One end of
> the veth is added to a bridge, and the other end gets an IPv6
> address. That end will be sent into the container. Outside of the
> container, I bind to that address with the following .socket unit.
Hmm, so you say the initial connection does not work but triggers the container, but the subsequent one will? This is an indication that systemd inside the container does not properly adopt the socket passed in.

Can you try to make this work first without using private networking in the container? i.e. just listen on the port on the host, and pass it into the container without using any networking related switches on the nspawn cmdline.

After making that work it makes sense to go to the next step.

Lennart

--
Lennart Poettering, Red Hat
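A diagnostic for the host-side step suggested above, as an added example that is not part of the original thread: it applies the sd_listen_fds(3) convention (`LISTEN_PID`, `LISTEN_FDS`, descriptors starting at 3) to report which sockets a socket-activated process actually inherited and whether one is a listening stream socket on the expected port. The function names and port 2222 are assumptions, not values from the thread.

```python
import os
import socket

SD_LISTEN_FDS_START = 3  # first inherited descriptor under sd_listen_fds(3)


def inherited_fds(environ, pid):
    """Return the descriptors announced via LISTEN_PID/LISTEN_FDS for this pid."""
    try:
        if int(environ["LISTEN_PID"]) != pid:
            return []  # variables were meant for another process; ignore them
        count = int(environ["LISTEN_FDS"])
    except (KeyError, ValueError):
        return []
    return list(range(SD_LISTEN_FDS_START, SD_LISTEN_FDS_START + max(count, 0)))


def describe(fd):
    """Inspect a descriptor on a duplicate, leaving the inherited fd untouched."""
    try:
        dup = os.dup(fd)
    except OSError:
        return None  # descriptor is not open at all
    try:
        sock = socket.socket(fileno=dup)  # family/type are auto-detected
    except OSError:
        os.close(dup)
        return None  # open, but not a socket
    with sock:
        return {
            "family": sock.family.name,
            "type": sock.type.name,
            "listening": bool(sock.getsockopt(socket.SOL_SOCKET, socket.SO_ACCEPTCONN)),
            "address": sock.getsockname(),
        }


def matches_listen_stream(info, port):
    """True if the descriptor is a listening TCP socket bound to the given port."""
    return (info is not None and info["listening"]
            and info["type"] == "SOCK_STREAM"
            and info["family"] in ("AF_INET", "AF_INET6")
            and info["address"][1] == port)


if __name__ == "__main__":
    EXPECTED_PORT = 2222  # assumption: the ListenStream= port of the host .socket unit
    for fd in inherited_fds(os.environ, os.getpid()):
        info = describe(fd)
        print(fd, info, "match" if matches_listen_stream(info, EXPECTED_PORT) else "no match")
```

Run as the `ExecStart=` of a test service paired with the host `.socket` unit, it shows what the socket unit hands over before nspawn or any network namespace is involved.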
