Sysbox integration in progress..
-
@girish I am not 100% sure it's doable, but instead of running Cloudron apps in sysbox, I think it would make a lot of sense to run a sysbox container as an addon service for apps that need to run docker containers, and run them inside the sysbox addon container.
-
@girish @mehdi, you can definitely run Sysbox side-by-side along other runtimes such as runc.
Sysbox will exclusively interact with its own containers. You just need to program your orchestrator to make use of Sysbox for those containers for which you want enhanced security or extra functionality.
Ping me if any question.
https://github.com/nestybox/sysbox#using-sysbox
--- Note that if you omit the --runtime option, Docker will use its default runc runtime to launch regular containers (rather than system containers). It's perfectly fine to run system containers launched with Docker + Sysbox alongside regular Docker containers; they won't conflict and can co-exist side-by-side. ---
-
@girish said in Sysbox integration in progress..:
And is a new release planned soon with the readonly fixes? Would be great if we can also download binaries instead of deb packages.
Forgot to answer this one. Yes, we are about to start working on the next release (ETA ~ 2 weeks). Not sure about the binaries though, will get back to you later on this.
-
@rodny-molina Having a binary would really help because usually the deb packages have a tendency to restart existing services and also automatically start their own services.
Does the debian package support this scenario - https://github.com/nestybox/sysbox/blob/master/docs/user-guide/install.md#Installing-Sysbox-without-Docker-restart ?
-
@girish, right, this 'hitless' scenario is supported by the installer as long as the expected attributes (e.g. bip, address-pools) are already configured in the docker config file. If they are not present and digested by dockerd, then the installer will restart docker.
I understand that you may need more flexibility for Cloudron's specific setup. Can we talk to have these installation details fully understood? (rmolina@nestybox.com).
-
@rodny-molina will do. Give me sometime to play around with sysbox before we have a talk, so maybe after your release. I want to give it a try in a couple of our apps to understand how it all fits.
-
From a recent discussion on sharing data between apps, this will be interesting.
-
A community update from TYPO3:
https://gitlab.typo3.org/core-testing/testing-infrastructure/
This is a 'infrastructure as code' repository for a gitlab-runner setup using sysbox, maybe this helps anyone looking into similar things:-
bare metal setup with ansible - gitlab-runner with docker executor and sysbox'd test execution in DinD
-
Hetzner cloud docker+machine - gitlab-runner with docker+machine autoscaling with sysbox on workers
-
-
-
-
@timconsidine Are you asking if we plan to integrate it into Cloudron? There are no plans as such.
-