Flock Day Two: Everything is a Container! (Kinda)

Day two at Flock was, once again, a pretty container-riffic experience, at least if that’s what you were interested in. The day kicked off with Dan Walsh giving an overview of new container technologies and a roadmap for things like the cri-o project. (Look here for a longer post on cri-o and such shortly.)

Dan’s talk was excellent all-around, but he had one piece of perspective I plan to use going forward: Everything running on Linux is in a “container,” even if it’s in a “host” container. What this means is that, really, all processes use the same technologies that help make up “containers” — e.g., cgroups, SELinux, namespaces, etc. What container runtimes do is set up more restrictive containers that have a different view of the system than unconstrained processes. (For certain values of “unconstrained.”)
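To make that concrete, here is an added example (not from the talk or the original post) that compares the namespace, cgroup and SELinux context of a "host" process and a "container" process. The sample values are constructed for illustration; `read_ns()` reads the real ones for the current process on a Linux system.

```python
import os
import re

NS_TARGET = re.compile(r"^\w+:\[(\d+)\]$")

def parse_ns(links):
    """{'pid': 'pid:[4026531836]', ...} -> {'pid': 4026531836, ...}"""
    return {name: int(m.group(1)) for name, target in links.items()
            if (m := NS_TARGET.match(target))}

def read_ns(pid="self"):
    """Live namespace inodes from /proc/<pid>/ns ({} if /proc is unavailable)."""
    base = f"/proc/{pid}/ns"
    try:
        return parse_ns({n: os.readlink(f"{base}/{n}") for n in os.listdir(base)})
    except OSError:
        return {}

def cgroup_paths(text):
    """/proc/<pid>/cgroup lines are 'id:controllers:path'; map controllers -> path."""
    paths = {}
    for line in text.splitlines():
        parts = line.split(":", 2)
        if len(parts) == 3:
            paths[parts[1] or "unified"] = parts[2]  # empty controller list = cgroup v2
    return paths

def compare(a, b):
    """Split the namespace types both processes report into shared and private."""
    common = sorted(set(a) & set(b))
    return {"shared": [n for n in common if a[n] == b[n]],
            "private": [n for n in common if a[n] != b[n]]}

# Constructed sample data (not captured from a real system): a host shell and a
# process whose runtime unshared mnt/pid/net but kept the host user namespace.
HOST = {"ns": parse_ns({"mnt": "mnt:[4026531840]", "pid": "pid:[4026531836]",
                        "net": "net:[4026531992]", "user": "user:[4026531837]"}),
        "cgroup": cgroup_paths("0::/user.slice/user-1000.slice/session-2.scope\n"),
        "selinux": "unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"}
CONTAINER = {"ns": parse_ns({"mnt": "mnt:[4026532561]", "pid": "pid:[4026532564]",
                             "net": "net:[4026532567]", "user": "user:[4026531837]"}),
             "cgroup": cgroup_paths("0::/machine.slice/example-container.scope\n"),
             "selinux": "system_u:system_r:container_t:s0:c123,c456"}

if __name__ == "__main__":
    print(compare(HOST["ns"], CONTAINER["ns"]))
    print("this process:", read_ns() or "no /proc here")
```

Both processes have every attribute; the "container" simply has different values for some of them, and a namespace left shared (here `user`) is one the runtime did not isolate from the host.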
