Flock Day Two: Everything is a Container! (Kinda)

Day two at Flock was, once again, a pretty container-riffic experience, at least if that’s what you were interested in. The day kicked off with Dan Walsh giving an overview of new container technologies and a roadmap for things like the cri-o project. (Look here for a longer post on cri-o and such shortly.)

Dan’s talk was excellent all-around, but he had one piece of perspective I plan to use going forward: Everything running on Linux is in a “container,” even if it’s in a “host” container. What this means is that, really, all processes use the same technologies that help make up “containers” — e.g., cgroups, SELinux, namespaces, etc. What container runtimes do is to set up more restrictive containers that have a different view of the system than unconstrained processes. (For certain values of ‘unconstrained.”)

I think if people have a better understanding of what containers really are, it will help them with making decisions around adoption and how to work with containers. Right now, I encounter quite a few misconceptions around what containers actually are and how they’re run. As my colleague Scott McCarty likes to say, containers are really just “fancy files and fancy processes.”

After Dan’s preso, we had two sorta combined presentations on system containers and on what Fedora should be packaging for Kubernetes: upstream Kubernetes or OpenShift Origin. Jason Brooks presented the session on what we should be doing with the Kubernetes SIG in Fedora, and he laid out a good overview of the options and different ways that various communities are packaging and shipping Kubernetes. The trade-off is largely around whether we want to ship Kubernetes faster or something a bit more useful. I tend to think that we’d be better off shipping Origin and focusing there, though if anybody wants to help with packaging “raw” Kubernetes just to have that handy, that’d also be welcome. While Origin may not have the very latest, hot-off-the-presses, version of Kubernetes, I feel like that’s less interesting than a more functional offering.

Sadly, this was not a session where we made any actual, decisions.

The relation of Kubernetes packaging and system containers, of course, is that we’d package Kubernetes as a system container (in addition to RPMs, presumably) to make it easy to consume on Atomic Host, etc.

Later in the day we had a few speedy sessions around Atomic Workstation, which uses rpm-ostree and Flatpaks, and building custom Atomic Hosts with Ansible. Both are things I need a few more hours in the day to tinker with, but might just commit some of the 3-day weekend to setting up a desktop with Atomic Workstation.

Kudos again to the folks running Flock this year, they’ve done a good job of putting on a solid community conference.

Leave a Reply

Your email address will not be published. Required fields are marked *