Hi everyone, it has been a long time since I last wrote in and I thought I would post a quick update on what we have been working on, essentially the following:
- Erle has been working on using Apache Thrift as our messaging and communications framework.
- Unprivileged LXC containers and focusing on Ubuntu 14.04 as the development and release platform
LXC now supports unprivileged containers. These are safer since a normal user can start them and root in the container is not equal to root on the host system. We want the eBrainPool container to utilize this. Unfortunately, at this moment Ubuntu 14.04 is the only distribution we could find that is properly configured to run LXC containers in unprivileged mode, and therefore we have decided to stabilize on Ubuntu 14.04 first.
Not that eBrainPool won't run on other platforms, but the user would need to do more work to get it working on those. We will present a howto for getting going on these other platforms once things are up and going on Ubuntu 14.04.
Apart from the eBrainPool sandbox now running in unprivileged mode, we shall be adding code such that the sandbox is started and stopped as and when our application starts and stops. Currently the container needs to be auto-started at system start or started manually by a user with superuser privileges.
All of this code shall first be part of the sandbox branch. Once we are happy with things it shall get merged with master.
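To make "root in the container is not equal to root on the host" concrete, here is an added example (not eBrainPool code) that parses a container's `lxc.id_map` entries, translates container ids to host ids, and checks the uid ranges against the user's `/etc/subuid` delegation. The sample config, the user name `alice` and all function names are constructed for illustration.

```python
# Added example; sample data below is constructed, not taken from eBrainPool.
SAMPLE_CONFIG = """\
# ~/.config/lxc/default.conf style entries (constructed)
lxc.id_map = u 0 100000 65536
lxc.id_map = g 0 100000 65536
"""
SAMPLE_SUBUID = "alice:100000:65536\n"  # /etc/subuid format: user:start:count

def parse_id_maps(config_text):
    """Return {'u': [(container_start, host_start, count)], 'g': [...]}."""
    maps = {"u": [], "g": []}
    for line in config_text.splitlines():
        key, _, value = line.partition("=")
        # LXC 1.0 spells the key lxc.id_map; later releases use lxc.idmap.
        if key.strip() not in ("lxc.id_map", "lxc.idmap"):
            continue
        kind, ct, host, count = value.split()
        maps[kind].append((int(ct), int(host), int(count)))
    return maps

def to_host_id(maps, kind, container_id):
    """Translate a container uid/gid to the host id, or None if unmapped."""
    for ct, host, count in maps[kind]:
        if ct <= container_id < ct + count:
            return host + (container_id - ct)
    return None

def delegated_ranges(subid_text, user):
    """Ranges (start, count) the host delegates to `user` in /etc/subuid."""
    rows = (ln.split(":") for ln in subid_text.splitlines() if ln.strip())
    return [(int(s), int(c)) for name, s, c in rows if name == user]

def uid_map_problems(config_text, subuid_text, user):
    """Return reasons the uid mapping is not safely unprivileged (empty = ok)."""
    maps, problems = parse_id_maps(config_text), []
    if not maps["u"]:
        problems.append("no uid map: container root would be host root")
    allowed = delegated_ranges(subuid_text, user)
    for ct, host, count in maps["u"]:
        if host == 0:
            problems.append(f"container uid {ct} maps to host root")
        if not any(s <= host and host + count <= s + c for s, c in allowed):
            problems.append(f"host range {host}+{count} not delegated to {user}")
    return problems

if __name__ == "__main__":
    maps = parse_id_maps(SAMPLE_CONFIG)
    print("container root -> host uid", to_host_id(maps, "u", 0))
    print("problems:", uid_map_problems(SAMPLE_CONFIG, SAMPLE_SUBUID, "alice"))
```

With the sample mapping, a process running as uid 0 inside the container is uid 100000 on the host, an id with no special privileges there.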
Stéphane Graber has an excellent blog post series on LXC, unprivileged containers, and scripting / coding using the LXC API. It shall help you understand why we have chosen Ubuntu 14.04 as the development / release platform for now. Read the blog post at https://www.stgraber.org/category/lxc/
That's it for now folks. Cheers :)