[systemd-devel] systemd.conf early-bird tickets, cfp and workshops

2016-06-27 Thread Chris Kühl 
Hi all,

Here's a quick set of updates and reminders regarding systemd.conf 2016

Important dates:

We've got a number of important dates that are approaching for
systemd.conf 2016.

* June 30th: Early-bird ticket sales ends. Save yourself or your
organization 20% by purchasing early-bird bird tickets before July
1st. https://ti.to/systemdconf/systemdconf-2016/
* August 1st: Call for Participation ends for talks and workshops.
Please get your proposal in on time. https://cfp.systemd.io

Workshops:

A new addition to this year's conference is the workshop day. The goal
of this day is to offer hands-on training sessions to those who want
to learn more about systemd. It's intended that these trainings be
conducted by systemd community members. Proposals for workshops can be
submitted at https://cfp.systemd.io

If you have questions about workshops please contact us at i...@systemd.io

Sponsorship:

Thanks to the organizations that have signed on to sponsor
systemd.conf 2016. If you're organization would like to join those
ranks, contact the systemd.conf team at sponsors...@systemd.io

As always, you can find more information about the conference at
https://conf.systemd.io/ or contact us at i...@systemd.io

Cheers,
Chris
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] systemd.conf early-bird tickets, cfp and workshops

2016-06-28 Thread Chris Kühl 
On Mon, Jun 27, 2016 at 7:18 PM, Jóhann B. Guðmundsson
<johan...@gmail.com> wrote:
>
>
> On 06/27/2016 02:36 PM, Chris Kühl wrote:
>>
>>
>> Workshops:
>>
>> A new addition to this year's conference is the workshop day. The goal
>> of this day is to offer hands-on training sessions to those who want
>> to learn more about systemd. It's intended that these trainings be
>> conducted by systemd community members. Proposals for workshops can be
>> submitted at https://cfp.systemd.io
>>
>> If you have questions about workshops please contact us at i...@systemd.io
>>
> Or you can just be replied to here since you advertise 300 euro
> participation fee for workshop schedule that a) does not exist and b) is not
> part of the professional package ( read as corporate sponsored individuals
> since we do have quite few that would be considered professionals in the
> community, where this might be a value add to ) is expected to be conducted
> by systemd community members for systemd community members ( since they
> would also have to pay 300 euro fee also to attend ).
>

Hi Jóhann,

There's a few things to address from your comment. Let's see if I can
cover them all.

Firstly, regarding pricing, the workshop day needs to be completely
self-financed, meaning ticket revenue needs to cover the costs of the
venue, catering, drinks, & misc. For planning purposes, we assume
we'll have approximately the same revenue from non-workshop attendance
and sponsorship as last year. That should cover the cost of the
conference which this year includes extra costs for the additional
space and upgraded (warm) meals. It would be very optimistic to assume
we could also cover the extra workshop day comfortably with just that
revenue.

The reason for having separate tickets for workshop and conference
days is simply that the audience is potentially rather different. The
workshops are not really intended to be for systemd developers or
expert users, which made up a large portion of last years attendees.
To reiterate from above, we want to make sure the workshop day can be
self-sustained and is not being financed by attendees that are not
really interested in the offering.

> It would be good to know who's the genius behind this idea, ( read sat
> somewhere at an meeting and had the "hey here's an idea let's add workshop
> to the mix, have the community manage it and charge 300 euros for it in the
> process" )  the pricing behind it and where does all that money go?
>

The motivation behind the workshop is to open systemd.conf up to those
ppl who are looking to learn more about what systemd can do in a more
hands-on way. It's something we were considering doing last year but
wanted to keep the scope small for the first year. I think most would
agree that there is a lot of room left to educate ppl about what
systemd is and can do.

While I like your extreme optimism, those of us who have to carry the
financial risk of putting on the event have to use a more cautious
optimism. This is the first year we've done the workshop, so we are
being cautious with regards to estimating attendance.

Anyway, we're always open to constructive suggestions on how
systemd.conf can be better.

Cheers,
Chris

> JBG
> ___
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Use of namespaced cgroups (aka Docker in systemd-nspawn containers)

2016-07-01 Thread Chris Kühl 
On Mon, Jun 27, 2016 at 4:58 PM, Lee Hambley  wrote:
> Hi List,
>
> My company is currently conducting research into the most viable container
> technology that fits our stack (CentOS based) and given our already
> widespread reliance on systemd, I have a personal stake in preferring not to
> introduce other tooling (LXD, the 2nd place leader) into our stack.
>
> I'd like to know what is required to fulfil our use-case (Docker in
> LXD/systemd-nspawn)
>

Hi Lee,

You may want to look into rkt[1] if you're on CentOS 7. By default it
uses systemd-nspawn to set up the containerized environment and it's
designed to work and integrate well with systemd.

If you want to talk more about it, it'd probably be best to take the
conversation to the rkt-dev list[2] or the #rkt-dev freennode channel.

Cheers,
Chris

disclaimer: My company contributes to rkt.

[1] https://github.com/coreos/rkt
[2] https://groups.google.com/forum/#!forum/rkt-dev

> Here's what I (think I) know:
>
> Docker can't run in systemd-nspawn because cgroup fs is mounted ro, and the
> systemd-nspwan container sees the entire system's cgroupfs (no namespacing)
> cgroups filesystem normally mounted ro in containers, to protect the host
> (or, something related to privileged containers)
>
> When mounted rw it can break the host (not the worst problem in the world,
> we're not defending against malice here, but apparently it's trivial to
> brick the host by having systemd fight over ttys, etc)
> it might be fair to say that privilidged containers
>
> namespaces cgroups are relatively new in linux
>
> available 4.6 [1]
> backported to 4.4+ on Ubuntu kernels
>
> We think LXD does something around setns() [2] to make sure that the
> container has a correct view of the cgroup "subtree".
>
>
> I suspect something can be done in .nspawn files to grant certain privileges
> to work around issues related to ro/rw cgroups trees, etc but I think
> systemd-nspawn has to know about creating the correct cgroup hierarchy
> before passing control to the
>
> Please excuse the "idiot knows what he's talking about tone" I'm very deep
> into this stuff today, and not in a good way.
>
> Thanks sincerely,
>
> ---
>
> [1]:
> https://www.phoronix.com/scan.php?page=news_item=CGroup-Namespaces-Linux-4.6
> [2]:
> https://github.com/lxc/lxd/blob/c8a2956fae6d5d2092e17a3229e4640b53c8a854/lxd/nsexec.go#L107-L126
>
> Lee Hambley
> http://lee.hambley.name/
> +49 (0) 170 298 5667
>
> ___
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel