Richard W.M. Jones
rjones at redhat.com
Fri Sep 6 18:19:14 UTC 2013
On Wed, Sep 04, 2013 at 04:29:27PM +0200, Lukas Zapletal wrote:
> On Wed, Sep 04, 2013 at 09:04:10AM +0200, Miroslav Suchy wrote:
> > Compare it to Copr and OBS approach, when package is build in VM and
> > after that backend will retrieve the results from VM. So on builder
> > (of OBS and COPR) is no sensitive information at all.
> Are we able to evaluate, how much slower this is? Currently Fedora Koji
> is pretty fast, I usually get near-to-instant build pick-ups.
> I can imagine spawning a VM can be slower. At least when using full
> QEMU/KVM. I see the point that containers/selinux and such technologies
> can do better in here.
Please measure this before making incorrect statements.
I have done, and you should be able to boot up a Fedora VM in 3-5
seconds on c.2010 Intel hardware (which is what libguestfs does).
Alternately you can restore the VM from a saved image in even less
There's no significant advantage to using containers for this.
Containers are also *not* secure -- see Dan Berrange's reply a few
days ago for the full details about that.
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)
More information about the devel