Initial plans

2020-04-06 15:09:35 +02:00 · 2020-04-06 15:09:35 +02:00 · 5fed1f7c1b
commit 5fed1f7c1b
1 changed files with 47 additions and 0 deletions
--- a/tooling.md
+++ b/tooling.md
@ -0,0 +1,47 @@
+# Tooling
+
+## Control
+- lxc _(and sub-tools)_
+
+## Building container images
+- debootstrap
+_Note: it allows importing docker rootfs's aswell, however it isn't recommended_
+
+### Base images
+- Alpine - edge
+
+### Build location
+- Servers _(prefferably)_
+- Local _(fallback)_
+
+# Setup
+
+## Initial clustering
+- Manual
+- Preseed _(needs reading and some dynamic variables, could be done via Ansible)_
+
+## Deployment
+- Manual _(automated with the help of the shell on need)_
+- Likely small use of volumes _(live migration and snapshots allow easy migration)_
+_TODO: Check if volume snapshots are a thing_
+- Limited base image modification _(especially if it doesn't need any on-disk data)_
+- Port exposure needs to be defined manually on a per container basiss using proxy devices _see: [Proxy Protocol for Proxy device in LXD](https://discuss.linuxcontainers.org/t/performance-of-the-proxy-device-compared-to-traditional-iptables-rules/2052/6)_
+- Ports can be forwarded in the firewall with DNAT aswell
+	- Containers need IPv6 endpoint in DNAT mode
+
+## Backup
+- Container/Volume snapshots
+- Eventual backup locations:
+	- Amazon S3
+	- Hetzner storage boxes
+	- Local _(occasional)_
+
+# Documenting/Testing list
+- DNS (mostly unknown)
+	- Endpoint from containers? _(/etc/resolv.conf? DHCP? Fixed?)_
+	- TLD .lxd (default)
+- Tiered networks
+	- Most likely possible with special interfaces
+	- Needs host configuration
+- Replicas
+	- Looks like it is not possible