# Tooling

## Control
- lxc _(and sub-tools)_

## Building container images
- debootstrap
_Note: it allows importing Docker rootfs's as well, however it isn't recommended_

### Base images
- Alpine - edge

### Build location
- Servers _(preferably)_
- Local _(fallback)_

# Setup

## Initial clustering
- Manual
- Preseed _(needs reading and some dynamic variables, could be done via Ansible)_

## Deployment
- Manual _(automated with the help of the shell as needed)_
- Likely small use of volumes _(live migration and snapshots allow easy migration)_
_TODO: Check if volume snapshots are a thing_
- Limited base image modification _(especially if it doesn't need any on-disk data)_
- Port exposure needs to be defined manually on a per-container basis using proxy devices _see: [Proxy Protocol for Proxy device in LXD](https://discuss.linuxcontainers.org/t/performance-of-the-proxy-device-compared-to-traditional-iptables-rules/2052/6)_
- Ports can be forwarded in the firewall with DNAT as well
- Containers need an IPv6 endpoint in DNAT mode

## Backup
- Container/Volume snapshots
- Eventual backup locations:
  - Amazon S3
  - Hetzner storage boxes
  - Local _(occasional)_

# Documenting/Testing list
- DNS (mostly unknown)
  - Endpoint from containers? _(/etc/resolv.conf? DHCP? Fixed?)_
  - TLD .lxd (default)
- Tiered networks
  - Most likely possible with special interfaces
  - Needs host configuration
- Replicas
  - Looks like it is not possible