# linux container mess

* worked on RapidIO interconnect subsystem with userspace components -> link to mention in kernel
* 2 years FreeBSD experience
* mostly for NAS purposes using ZFS
* upgrades are fairly smooth, things break but are documented and mentioned or are easy to fix
* diverged landscape of essential software components
* tightly integrated system detects problems early -> API breakages with scattered modules (different communities) are hard to handle
* container debate, just a bunch of complex namespaces and APIs
* jails
* badly documented features (kdoc not userspace) -> FreeBSD has one base, userspace and kernel are tightly coupled
* innovation should be managed well -> what does that mean
* the penguin is getting fat -> lines of code -> complex matrix of kernel build variants
* upgrades to new versions are a pain in embedded systems, as with every release things get shoveled away or moved elsewhere, and this is very badly documented
* Linux container namespaces are getting out of hand

## Namespaces

### CPU namespace

* https://lwn.net/Articles/872507/
* https://lwn.net/Articles/812504

* [A filesystem for namespaces](https://lwn.net/Articles/877308/)
* [ima: Namespace IMA with audit support in IMA-ns](https://lwn.net/Articles/878862/)
* [Controlling the CPU scheduler with BPF](https://lwn.net/Articles/873774/)

* Linux container schedulers: RunC, systemd-nspawn, AWS Bottlerocket, LXC/LXD, OpenShift, Kubernetes, containerd, and of course Docker.
* https://containerjournal.com/features/people-want-boycott-docker/
* https://www.slideshare.net/PaoloTonin2/boycott-docker

```
Recently we launched Bottlerocket, a Linux-based container operating system written in Rust.” — Matt Asay, Amazon Web Services
```