Fedora's Cloud Future (and, self (re-)introduction)

Lennart Poettering mzerqung at 0pointer.de
Wed Sep 19 19:04:52 UTC 2012

On Wed, 19.09.12 14:10, Matthew Miller (mattdm at fedoraproject.org) wrote:

> If any of this sounds interesting, please come on over to the Cloud SIG,
> centered around the mailing list
>   <https://admin.fedoraproject.org/mailman/listinfo/cloud>
> and pitch in. And if the words "strategic" and "planning" make your eyes
> glaze over, don't worry. This is going to be a *doing* thing, not just a
> *talking* thing. Computing as a whole is _really_ at one of those big
> inflection points, and it's going to take a lot of action to bring us on
> over to the other side — where we've got a *lot* to contribute that the
> world shouldn't miss out on.

I think there are two crucial requirements to make Fedora fun in the cloud:

a) We should regularly test Fedora in containers. Containers are a core
   feature to allow cloud providers overcommit their resources more
   drastically. I spent some time on making systemd boot up relatively
   cleanly in an nspawn/libvirt-lxc container (simply because it makes
   it easier for me to debug systemd), but that's just systemd and not
   the whole distro and right now it's a lot more fun to run systemd in
   a Debian container on Fedora than on systemd in a Fedora container on
   Fedora (audit...). If Fedora cares for the cloud, then we probably
   should declare container boots something that is on the level on a
   "release architecture", by which I mean that it is regularly tested
   and a requirement for release. This really is an area where some
   pressure could be needed.

   The systemd test suite actually builds an OS image that is booted
   once inside of kvm, and once in nspawn, to make sure we get
   everything right in systemd, and that the very same image can be
   booted both ways unaltered and entirely stateless. I'd like to see a
   similar level of testing in all of Fedora, too.

b) We should try much harder to lower the resource cost per
   container. If cloud providers need less disk space, less CPU, and
   less memory per container, then this allows them to run much more
   containers on one system. And that translates directly to cash for
   them. For one this means we should try much
   harder to reduce the minimal installation set of packages of
   Fedora. And that probably means regularly posting blame lists (whose
   packages pull in 100MB more this time? Who is the king of adding new
   dependencies?) and having somebody who really invests the work in
   splitting up packages to minimize deps. But it also means running
   services more often by activation on demand (socket
   primarily). i.e. if a cloud provider wants to grant SSH access to
   customers for their individual containers he
   shouldn't have to run one sshd per container, but should just have
   the socket listening. i.e. having 5000 sockets listening on a machine
   is relatively cheap. Running 5000 sshd instances on a machine is
   quite expensive.

In summary: I believe that containers are a big part of being awesome in
the cloud. And right now running Fedora inside a container is not that
great an experience. It kinda works, but it's very very rough around the

Yes, I know I should have subscribed to the ML and posted that there,
but I am soooo lazy to do that for one mail only... I apologize.


Lennart Poettering - Red Hat, Inc.

More information about the devel mailing list