Running distributions in containers

Posted Oct 13, 2011 18:46 UTC (Thu) by iabervon (subscriber, #722)
Parent article: Running distributions in containers

Is the idea to actually run a full, unmodified distribution in a container, or to have an unmodified distribution know that it is running in a container and run only those services that are not provided from outside? It seems like people are arguing against the former, but the wishlist item wouldn't even make sense for that goal: a distro running everything wouldn't need to know it was in a container.

I think it would actually be quite neat to do something like run Oracle on RHEL in a container on Debian, where Oracle doesn't notice that RHEL isn't actually doing a bunch of things it normally does, because the RHEL libraries and executables are in the usual places, things are installed from RPMs with an accurate database of packages installed that might be dependencies, init scripts appropriate to the runlevel get run, /dev contains the expected devices, and so forth. Meanwhile, the user whose workstation this is runs programs packaged in debs and doesn't have to be in a RHEL environment aside from for messing with the database installation.

Running distributions in containers

Posted Oct 13, 2011 19:53 UTC (Thu) by dlang (subscriber, #313)

What you describe (running Oracle on RHEL inside a container on Debian) is already possible, and pretty easy today.

The 'problem' is that to start it up you don't run init and have it walk through all the /etc/rc2.d/* scripts, instead you have some other script (probably outside the container) that does the work of mounting whatever you need inside the container (including with bind mounts as appropriate) and then starts up the needed things in /etc/init.d/ via chroot commands.

It works well, and has worked well for many years with just chroot. 'container' features add additional isolation to this, but this isolation also needs to be set up outside of the container itself (as this isolation piece needs to know about the global system, that will also need to be done outside of the container).

Running distributions in containers

Posted Oct 19, 2011 0:47 UTC (Wed) by jlokier (guest, #52227)

Same here: When I've migrated some old live systems to a new distro or distro version (especially if it's a big leap), I've sometimes kept the old distro running as a chroot inside the new one, so that services can be migrated one by one afterwards, and they have access to the same unix and inet sockets, and the same filesystems with "local" filesystem semantics, and the system's overall memory usage stays much the same.

(Unfortunately network filesystems aren't drop-in equivalent to local ones, the iptables needed isn't always trivial when the new and old need to share the same IP to avoid disruption elsewhere, and sometimes you get hardware that doesn't support hardware virtualisation anyway (ironically one of those was running in a VM itself), so KVM hasn't always been a good choice.)

It works pretty well, but the script outside that you have to cobble together to replace whatever /etc/rc.* and/or /etc/init*/* does is always a pain, very distro and installation specific, and needs manually updating after changes to the inner distro. Just being able to run init would be really handy.
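
The host-side start-up script that both comments above describe, sketched as an added example (not code from either commenter). It assumes a SysV-style guest tree with `/etc/rcN.d/S*` entries; the function name `plan_chroot_start` and the guest root path are hypothetical, and the function only prints the commands so the plan can be reviewed before anything is run as root.

```shell
#!/bin/sh
# Added example: print (do not execute) the host-side steps that stand in for
# the guest's init when a distribution tree is started with chroot.
# Assumes guest paths contain no whitespace.

# plan_chroot_start ROOT RUNLEVEL
# Emits one command per line; returns 1 if ROOT has no rcRUNLEVEL.d directory.
plan_chroot_start() {
    root=${1%/}
    level=$2
    rcdir="$root/etc/rc$level.d"
    [ -d "$rcdir" ] || { echo "no such directory: $rcdir" >&2; return 1; }

    # Kernel interfaces the guest userland expects to find.
    # /dev is bind-mounted from the host, so the guest sees the host's devices:
    # chroot alone is not an isolation boundary, and anything stricter
    # (namespaces, cgroups) also has to be configured from out here.
    echo "mount -t proc proc $root/proc"
    echo "mount -t sysfs sysfs $root/sys"
    echo "mount --bind /dev $root/dev"

    # Start entries in lexical order (S10... before S20...), as SysV init
    # would. K* (kill) entries are deliberately skipped.
    for link in "$rcdir"/S*; do
        # Skip the literal pattern left behind when nothing matches.
        [ -e "$link" ] || [ -L "$link" ] || continue
        echo "chroot $root /etc/rc$level.d/${link##*/} start"
    done
}

# Stand-alone use: sh plan.sh /srv/guest-root 2
if [ "$#" -eq 2 ]; then
    plan_chroot_start "$1" "$2"
fi
```

The list it prints goes stale whenever the guest's packages add or reorder rc entries, which is the maintenance burden the last comment describes.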

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds