Awesome

netavark: A container network stack

Netavark is a rust based network stack for containers. It is being designed to work with Podman but is also applicable for other OCI container management applications.

Overview and scope

Netavark is a tool for configuring networking for Linux containers. Its features include:

• Configuration of container networks via JSON configuration file
• Creation and management of required network interfaces, including MACVLAN networks
• All required firewall configuration to perform NAT and port forwarding as required for containers
• Support for iptables, firewalld and nftables
• Support for rootless containers
• Support for IPv4 and IPv6
• Support for container DNS resolution via the aardvark-dns project

Requires

• go-md2man
• Rust
• Podman 4.0+
• protoc

MSRV (Minimum Supported Rust Version)

v1.76

We test that Netavark can be build on this Rust version and on some newer versions. All newer versions should also build, and if they do not, the issue should be reported and will be fixed. Older versions are not guaranteed to build and issues will not be fixed.

Build

$ make

Test

$ make test

Also see ./test for more information.

Communications

For general questions and discussion, please use Podman's channels.

For discussions around issues/bugs and features, you can use the GitHub issues and PRs tracking system.

Plugins

Netavark also supports executing external plugins, see ./plugin-API.md.