# linux container mess

* worked on RapidIO interconnect subsystem with userspace components -> link to mention in kernel
* 2 years FreeBSD experience
* mostly for NAS purposes using ZFS
* upgrades are fairly smooth, things break but are documented and mentioned or are easy to fix
* diverged landscape of essential software components
* tightly integrated system detects problems early -> API breakages with scattered modules (different communities) are hard to handle
* container debate, just a bunch of complex namespaces and APIs
* jails
* badly documented features (kdoc not userspace) -> FreeBSD has one base: userspace and kernel are tightly coupled
* innovation should be managed well -> what does that mean
* the penguin is getting fat -> lines of code -> complex matrix of kernel build variants
* upgrades to new versions are a pain in embedded systems as every release things get shoveled away or moved elsewhere and this is very badly documented
* Linux container namespaces are getting out of hand

## Namespaces

### CPU namespace

* https://lwn.net/Articles/872507/
* https://lwn.net/Articles/812504
* [A filesystem for namespaces](https://lwn.net/Articles/877308/)
* [ima: Namespace IMA with audit support in IMA-ns](https://lwn.net/Articles/878862/)
* [Controlling the CPU scheduler with BPF](https://lwn.net/Articles/873774/)
* Linux container schedulers: RunC, systemd-nspawn, AWS Bottlerocket, LXC/LXD, OpenShift, Kubernetes, containerd, and of course Docker.
* https://containerjournal.com/features/people-want-boycott-docker/
* https://www.slideshare.net/PaoloTonin2/boycott-docker

```
Recently we launched Bottlerocket, a Linux-based container operating system written in Rust.” — Matt Asay, Amazon Web Services
```