...... what about my feature-requests, especially number 2 ?
On Thu, Sep 11, 2014 at 12:55 PM, Roberto De Ioris <[email protected]> wrote: > > > 2014-09-11 2:37 GMT+02:00 Damjan Georgievski <[email protected]>: > > > >> On 11 September 2014 01:15, Jacob Rief <[email protected]> wrote: > >> > When building Docker containers, one must run services such as nginx, > >> sshd > >> > and uwsgi controlled by supervisord. > >> > >> http://jpetazzo.github.io/2014/06/23/docker-ssh-considered-evil/ > >> "If you run SSHD in your Docker containers, you're doing it wrong!" > >> > >> > > I fully agree on that for medium to big deployments. But sometimes you > > want > > to deploy a self-contained web-application which just runs out of the box > > and has everything inside: MySQL, NGiNX, uWSGI+Django. Here sshd is > > required to run fabric, and Docker is a nice alternative to OpenVZ. > > Obviously not very scalable, but sometimes you just have a few 100 page > > views a day. > > _______________________________________________ > > > > > in the uwsgi.it platform every user can spawn the service he/she needs but > ssh is a service running on the main host and (thanks to a pam module) > 'attaching' a session to a specific namespace using the setns() call soon > after authentication. > > This is the pam module (you need to adapt some #define for beign useful in > every context): > > https://github.com/unbit/pam-unbit > > and to expose the 'setns' socket you only need to add the --setns-socket > <path> option. That socket will allow a process running in the host (like > the sshd session) to 'enter' a new namespace (the one, in uwsgi.it case, > managed by the Emperor) > > > -- > Roberto De Ioris > http://unbit.it > _______________________________________________ > uWSGI mailing list > [email protected] > http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi >
_______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
