Hi,
On Fri, 20 Nov 2020 at 19:26, Christopher Baines wrote:
> Zhu Zihao writes:
>
>> I found guix container "created by `guix environment --container` or
>> `guix system container`" is very useful to isolate some service. But
>> it only supports fully isolated network namespace or just share wit

On Fri, Nov 20, 2020 at 09:15:05PM +, Christopher Baines wrote:
>
> → sudo -E guix system reconfigure ~/Projects/Systems/capella.scm
> The following derivation will be built:
> /gnu/store/l8ipcxqhz1kizk6fcxmjdb36a0rks83z-grub-minimal-2.04.drv
>
> building /gnu/store/l8ipcxqhz1kizk6fcxmjdb

On Fri, Nov 20, 2020 at 05:55:50PM -0500, Stephen Scheck wrote:
> The project I'm attempting to package is a standalone application, with a
> Makefile build system entrypoint - it is not a library, so I don't think
> `go-build-system` is of any help here (though presumably the Makefile uses
> golan

On Sat, 21 Nov 2020 21:22:09 +0200
Efraim Flashner wrote:
> On Fri, Nov 20, 2020 at 05:55:50PM -0500, Stephen Scheck wrote:
> > The project I'm attempting to package is a standalone application,
> > with a Makefile build system entrypoint - it is not a library, so I
> > don't think `go-build-syst

zimoun writes:
> Hi,
>
> On Fri, 20 Nov 2020 at 19:26, Christopher Baines wrote:
>> Zhu Zihao writes:
>>
>>> I found guix container "created by `guix environment --container` or
>>> `guix system container`" is very useful to isolate some service. But
>>> it only supports fully isolated network

I agree with Zihao that containers have certain use cases where it's
important to use separate network namespaces for each instance, with
traffic forwarded selectively between host and guest. Security (and hence
firewalling) is part of the issue, but it's also about the container's
maintainability