Usual commit

2021/linux container mess.md

@@ -0,0 +1,39 @@
+
+# linux container mess
+
+  * worked on rapidio interconnect subsystem with userspace components -> link to mention in kernel
+* 2 years freebsd experience
+  * mostly for NAS purposes using ZFS
+  * upgrades are fairly smooth, things break but are documented and mentioned or are easy to fix
+* divirged landscape of essential software components
+* tightly integrated system detects problems early -> api breakages with scattered modules (different communities) are hard to handle
+* container debate, just a bunch of complex namespaces and apis
+* jails
+* badly documented features (kdoc not userspace) -> freebsd has one base userspace and kernel are tightly coupled
+* innovation should be managed well -> what does that mean
+* the pinguin is getting fat -> lines of code -> complex matrix of kernel build variants
+* upgrades to new versions are a pain in embedded systems as every release things get shoveled away or moved elsewhere and this is very badly documented
+* linux container namespaces are getting out of hand 
+*
+
+## Namespaces
+
+### CPU namespace
+
+* https://lwn.net/Articles/872507/
+* https://lwn.net/Articles/812504
+
+* [A filesystem for namespaces
+](https://lwn.net/Articles/877308/)
+* [ima: Namespace IMA with audit support in IMA-ns
+](https://lwn.net/Articles/878862/)
+* [Controlling the CPU scheduler with BPF
+](https://lwn.net/Articles/873774/)
+
+* Linux container schedulers: RunC, systemd-nspawn, AWS bottlerocket, LXC/LXD, Openshift, Kubernetes, containerd, and of course Docker.
+* https://containerjournal.com/features/people-want-boycott-docker/
+* https://www.slideshare.net/PaoloTonin2/boycott-docker
+
+```
+Recently we launched Bottlerocket, a Linux-based container operating system written in Rust.” — Matt Asay, Amazon Web Services
+```