From 75f4a659ffce2a307d96b3a7efa7126533c62d56 Mon Sep 17 00:00:00 2001 From: stephan48 Date: Sun, 13 Aug 2023 22:07:34 +0200 Subject: [PATCH] --- ...3s-i-want-a-rootless-cluster-with-bgp-damn-it.mdwn | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/posts/2023-08-13-k3s-i-want-a-rootless-cluster-with-bgp-damn-it.mdwn b/posts/2023-08-13-k3s-i-want-a-rootless-cluster-with-bgp-damn-it.mdwn index a8953be..a50a508 100644 --- a/posts/2023-08-13-k3s-i-want-a-rootless-cluster-with-bgp-damn-it.mdwn +++ b/posts/2023-08-13-k3s-i-want-a-rootless-cluster-with-bgp-damn-it.mdwn @@ -7,10 +7,11 @@ How does k3s setup the network: * k3s server is started - calls into rootlesskit https://github.com/k3s-io/k3s/blob/38a0b91c1a917d2866aee265bc7815424af3e701/pkg/rootless/rootless.go#L37 * k3s server then forks itself(where?) to handle parent(outside netns) and child(inside netns) operations. * does not allow us to change from slirp4netns to something else like lxc-nic(easier to patch). -* Rootlesskit creates external(slirp4netns) process to attach tun interface - https://github.com/rootless-containers/rootlesskit/blob/master/pkg/network/slirp4netns/slirp4netns.go#L176 +* Rootlesskit creates external(slirp4netns) process to attach tap interface - https://github.com/rootless-containers/rootlesskit/blob/master/pkg/network/slirp4netns/slirp4netns.go#L176 * slirp4netns is called with specific options, theres no intelligent return mechanism for interface config, hence we have to reuse whats there * Rootlesskit does child network configuration - https://github.com/rootless-containers/rootlesskit/blob/master/pkg/child/child.go#L156 - * where does the tap0 device comes from? + * where does the tap0 device comes from? https://github.com/rootless-containers/rootlesskit/blob/master/pkg/network/slirp4netns/slirp4netns.go#L182 + * we will need to remove this and redo some of the network configuration Wrote slirp4netns wrapper(crude & insecure, will need to harden): 
@@ -36,5 +37,11 @@ TODO: * how to handle ipv6? * how to conjure all of this securely? +* what provides dns? + * in slirp4netns? + * can i reuse avard-dns? netavard? postman? + * resort do dnsmasq? +Interesting Reads: + * https://linux-blog.anracom.com/2017/10/30/fun-with-veth-devices-in-unnamed-linux-network-namespaces-i/ -- 2.30.2
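Review bot: In the first hunk (@@ -7,10 +7,11 @@), the link added to the "where does the tap0 device comes from?" item points at /blob/master/ with a #L182 line anchor, so it will drift away from the code it is meant to reference as soon as slirp4netns.go changes upstream. Pin it to a commit permalink, as the k3s rootless.go link at the top of the same list already does. The #L176 link on the changed tun-to-tap line and the child.go#L156 link in the context have the same problem. The new sub-item "we will need to remove this and redo some of the network configuration" should also name what "this" refers to, since the line above it is a question followed by a link.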
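Review bot: In the second hunk (@@ -36,5 +37,11 @@), the added sub-items under "what provides dns?" contain names that look misspelled, which makes the candidates hard to look up later: "avard-dns" and "netavard" read like aardvark-dns and netavark, "postman" needs confirming (Podman?), and "resort do dnsmasq" should be "resort to dnsmasq". Since the TODO item just above asks how to do all of this securely, consider noting for each DNS option whether it would run in the parent (outside the netns) or in the child (inside the netns), using the same split the first list in this post already describes.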