On Sat, 15 Aug 2015 00:34:21 -0400
Jon Stanley <jstanley(a)rmrf.net> wrote:
Sorry for the massive delay here. Have had this marked to look closely
at, but haven't had a chance until now. ;)
I just completed a bit of a Docker POC at Flock, and put together a
bit of a wiki page on it. Not a whole ton there right now, but as we
look towards more nimble deployment mechanisms, Docker might be
something worth looking at.
Yeah.
I hacked together a container with pastebin (sticky-notes) in it, and
a database external to the container. It didn't take more than a few
hours of work going from an Ansible playbook to a working container.
Let me know if anyone has questions or comments on the work so far.
Currently it's just on a transient cloud instance, and there are a lot
of things to think about (some of which I noted on the wiki page)
before we think about moving stuff somewhere more permanent.
There's a mention of something on the wiki page called Custodia. This
is a mechanism for securely provisioning, storing, distributing, and
auditing access to secret data. I wasn't able to find much on the
Internet, but Simo gave a talk on it at Flock if you went there :)
Anyhow, the wiki page is
https://fedoraproject.org/wiki/Infrastructure_Docker_POC
So, some questions. ;)
The "FROM rhel6" does that pull rhel 6.7 ? 6.0? 6.7 + updates?
Does it change? or its always whatever it is?
"It's very important that the thing in CMD not exit before the
application is finished executing, or the container will be destroyed."
So, that script should be in a loop in case httpd is killed by an OOM?
Or it's expected if something bad like that happens that the container
would be killed off?
Some other things to look into:
* ansible has a docker module, so we could use that to create/spin
things.
* Perhaps we could have ansible popuate templates on a volume and share
that with the container for templates?
* I would think we would want our own registery, as depending on docker
hub seems poor to me... how hard are they to setup? The Cloud working
group and releng have been talking about on for fedora images, so we
could look at something similar for infra.
So, since sticky-notes is dead upstream and we need to find a new one,
perhaps a better case for this might be wordpress, since we now have
fedoramagazine, developer and perhaps flocktofedora to deal with.
kevin
_______________________________________________
infrastructure mailing list
infrastructure(a)lists.fedoraproject.org
http://lists.fedoraproject.org/postorius/infrastructure@lists.fedoraproje...