[linux-l] Need to talk about a Containerization software (plash)

Irae Hueck Costa mail at irae.me
So Sep 30 13:38:17 CEST 2018


Hallo,

> Okay you created a docker runtime. Fine. Is it compatible 
> to the Introducing Container Runtime Interface (CRI)?
> That's important. The CRI is quasi the posix standard 
> of linux container.

Well, actually not. It can be integrated with docker in multiple ways, but it's really a standalone software to run and build containers. POSIX exists since decades, standards around containers are much newer. What plash does is to work with the traditional UNIX/POSIX way. What I mean, is that a a plash container is really just a process, you don't need to know/learn anything about let's say stopping containers in CRI (I actually don't) just send a signal to your "container"/process, for example with the `kill` command.

Plash is very flexible and can fulfill multiple use cases, if you want to use plash with something like an "enterprise container infrastructure with all this new stuff", I think the best way is to wrap plash in docker or another container software that plays well with all these new interfaces. So you can run plash inside docker, and voila, you have CRI support. The only problem plash is concerned with is containerization, if you want more than that, additional tools need to be used.

> What is the goal of your solution? [...]
Integration with existing tools instead of reinventing the wheel - "Do One Thing and Do It Well".


> briefkasten at olaf-radicke.de hat am 29. September 2018 um 14:17 geschrieben:
> 
> 
> Hi!
> 
> > Irae Hueck Costa <mail at irae.me> hat am 29. September 2018 um 11:49 geschrieben:
> > I'll actually write in English. 
> 
> Okay, I hope my English is not a big Suffering for you.
> 
> > So I wrote a software to run and build containers. 
> 
> Okay you created a docker runtime. Fine. Is it compatible 
> to the Introducing Container Runtime Interface (CRI)?
> That's important. The CRI is quasi the posix standard 
> of linux container.
> 
> Why is it important? A container runtime is the smallest
> part, what do you need for are enterprise docker environment.
> You need a complete life cycle management ("blue green deployment" 
> is one this key words), overlay network, storage bindings, 
> heath checks, routing/Service recovery, Access Control List (ACL), 
> Authenticating management like LDAP / Active Directory, distributed 
> key value store like etcd for your configuration, a managing tool 
> for sensitive data (secrets) and so on....
> 
> All this is already implement in tools like OpenShift, Cloudforms,
> AWS, azure and GCP. If you runtime not compatible to CRI, than
> nobody can productivity work with you solution. 
> 
> What is the goal of your solution? More security? To day the mainstream moved  tendency to docker runtimes with micro kernels to get more isolation. See https://katacontainers.io/
> 
> Or is the use case a linux desktop with GUI- Applications? Do you know
> this project? https://github.com/coreos/fedora-coreos-tracker
> 
> Best regards,
> 
> Olaf

Cheers,
Irae



Mehr Informationen über die Mailingliste linux-l