Fedora Server and Docker
Simo Sorce
simo at redhat.com
Mon Jun 2 17:51:32 UTC 2014
On Mon, 2014-06-02 at 08:03 -0400, Stephen Gallagher wrote:
> I've been playing with Docker quite a bit lately, particularly the
> Fedora Dockerfiles[1] to see what might be useful for the Fedora Server.
>
> For one thing, it occurs to me that we may want to have a strategy for
> using Docker images in the Fedora Server for any Roles that can
> support it[2].
>
> Advantages:
> * Deployment can be scripted as dockerfiles instead of full packages
> * The same Docker image is guaranteed(?) to be loadable by the next
> version of Fedora, making distro-upgrades safer.
> * Role upgrades can be handled by starting up a new Docker image with
> the updated software and then migrating data between them.
> * With Docker and SElinux, our Roles can be isolated from the host
> server. (And potentially migrated to a Fedora Cloud system later).
>
> I've specifically been playing around with using Docker images of
> PostgreSQL (our planned Database Server Role for Fedora 21) and have
> found that the Fedora Dockerfile is extremely easy to build and get
> running.
>
> I think that it would be to our advantage to tend towards using Docker
> images as the implementation for the Database Server Role as well as
> the proposed memcached role and potentially others, such as the
> fileserver or iSCSI target roles.
>
> This *would* imply adding the docker-io package as part of the
> standard installation of the Fedora Server.
>
> Thoughts?
>
>
> [1] https://github.com/fedora-cloud/Fedora-Dockerfiles\
> [2] FreeIPA, our choice of Domain Controller, is not currently
> supported under Docker, though upstream has a working
> proof-of-concept. This we can revisit down the road.
I am seriously concerned about security upgrades in a docker world, I do
not see an easy way to manage that yet.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the server
mailing list