> Hi, Roberto, > > any news in your developments with this issue?
Well, it has been easier than i thought, docker images can be easily mounted with overlayfs, the problem is that the docker api does not allow to get the full path of images. My idea is that docker could be a great solution for serving "rootfs" images while you can use the more advanced namespace support in uWSGI. Something like: [uwsgi] unshare = fs,ipc,uts rootfs-from-docker = ubuntu ... that internally would make a request to the docker socket for getting the path of the "ubuntu" image, and then this directory is bind-mounted readonly in the uWSGI namespace and "joined" via overlayfs (or aufs if your kernel supports it) with the writable user-related directory. Making snapshots can be still done in docker itself. Another approach is the new --setns feature of uWSGI 2.0 You can use docker to spawn a very minimal (even the core) uWSGI instance in a new namespace and then you can "attach" new instances to it: #in docker (--socket is no more needed in 2.0.1) uwsgi --setns-socket /foobar/join.me --socket /tmp/foobar # in your uWSGI instance (even as a vassal) [uwsgi] # join docker jail setns = /foobar/join.me http-socket = :8080 # your app options ... ... the funny thing is that multiple instances can join the same docker container -- Roberto De Ioris http://unbit.it _______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
