# Tooling

## Control

- lxc _(and sub-tools)_

## Building container images

- debootstrap

  _Note: it allows importing a Docker rootfs as well; however, that isn't recommended_

### Base images

- Alpine - edge

### Build setup

- Overlay directories to reuse the base rootfs and add configs on top

### Build location

- Servers _(preferably)_
- Local _(fallback)_

# Setup

## Initial clustering

- Manual
- Preseed _(needs reading and some dynamic variables, could be done via Ansible)_

## Deployment

- Manual _(automated with the help of the shell when needed)_
- Likely small use of volumes _(live migration and snapshots allow easy migration)_

  _TODO: Check if volume snapshots are a thing_

- Limited base image modification _(especially if it doesn't need any on-disk data)_
- Port exposure needs to be defined manually on a per-container basis using proxy devices, _see: [Proxy Protocol for Proxy device in LXD](https://discuss.linuxcontainers.org/t/performance-of-the-proxy-device-compared-to-traditional-iptables-rules/2052/6)_
- Ports can be forwarded in the firewall with DNAT as well
- Containers need an IPv6 endpoint in DNAT mode

## Backup

- Container/Volume snapshots
- Eventual backup locations:
  - Amazon S3
  - Hetzner storage boxes
  - Local _(occasional)_

# Documenting/Testing list

- DNS (mostly unknown)
  - Endpoint from containers? _(/etc/resolv.conf? DHCP? Fixed?)_
  - TLD .lxd (default)
- Tiered networks
  - Most likely possible with special interfaces
  - Needs host configuration
- Replicas
  - Looks like it is not possible