> Hi, > > there's a great tool called "docker", which allows one to easily create > jailed linux containers based on images with copy-on-write filesystem. > > One of the best things in it, is that the container can be created in > seconds from a base image, which you can create yourself. > > This is a lot faster and easier than using, e.g. debootstrap. > > The problem is, that I don't see a way to use this thing from inside uwsgi > and the emperor. > > The preferred deployment would look something like emperor launching a > docker container based on a predefined image for each vassal (if it does > not exist yet). > This would be very easy, fast and secure from the user point of view. > > uWSGI currently has the namespace support as a low-level of jailing the > apps, but it would be extremely awesome if it can integrate somehow with > the docker's copy-on-write image-based filesystem layer. > > What do you think of that, guys? > > Thanks! > _______________________________________________ > uWSGI mailing list > [email protected] > http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi >
Some week ago i started implementing an "emperor-proxy" subsystem, for allowing the emperor to automatically spawn docker-based vassals. It works pretty well, but: 1) the implementation is so complex that i continue to ask myself if it is whorty 2) docs are missing docker is a simple wrapper for lxc,iptables and some other tools (they could have written it as a shell script instead of go, just to give an idea), so yes maybe it would be better to invest some time on a tutorial in using aufs. We have something similar for fuse: http://uwsgi-docs.readthedocs.org/en/latest/tutorials/ReliableFuse.html#going-heavy-metal-a-cow-rootfs-unionfs-fuse so, if there is a way to use docker images would be probably much better (and easier) to use only them instead of the whole docker process container. -- Roberto De Ioris http://unbit.it _______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
