Thanks!
Yes, we are concentrating on Tizen 3.
I think your devices have an older kernel, but I'm not sure.
You can check if the kernel is OK with vasum-check-config.sh script from
Vasum's repo or lxc-checkconfig.
If you want to play with containers on Tizen 3.0 you could use the
emulator. I'm sure Vasum/Docker/LXC will work.
We are maintaining LXC for Tizen so it should be possible to build with
gbs - here are the instructions for Odroid:
https://wiki.tizen.org/wiki/Security:Vasum:Usage
Cheers,
Jan Olszak
On 10/26/2015 10:56 PM, Bob Summerwill wrote:
Thanks for the information, Jan and Dominig.
The Vasum video demonstration is very, very cool. Yes, I can
imagine that "graphical" containers are a significantly more
complicated proposition than headless server containers.
Am I right in thinking that all Vasum and Cynara work is Tizen 3.x
only? The model looks quite different for Tizen 2.x -
https://wiki.tizen.org/wiki/Security/Tizen_2.X_Architecture - though
Smack is still there.
>> So as long as you are OK with that I guess you can use them without a
problem.
>> All needed kernel features are switched on.
I think I would like to start my exploration with this simple
scenario. But will the appropriate kernel features be enabled in
Tizen 2.x, I wonder? Specifically, I have a Gear S2 (2.3.1) and
Samsung Z3 (2.4.0) as my test subjects. Will anything be possible in
terms of LXC experiments on those devices, I wonder?
I'm guessing that I will need to cross-compiler LXC binaries myself
for Tizen?
https://linuxcontainers.org/lxc/downloads/
BTW - What happened to your builds in October? Not so many test
runs happening, eh? :-(
https://wiki.tizen.org/wiki/Weekly_test_results_for_Tizen_3.X_security_framework
On Mon, Oct 26, 2015 at 5:26 AM, Jan Olszak <[email protected]
<mailto:[email protected]>> wrote:
Hi there!
Indeed we're developing Vasum to provide "graphical" Linux
containers for Tizen (or any other Linux distribution).
It has a rich C/Dbus API and uses LXC under the hood.
The problem with Docker, LXD, libvirt is that they concentrate on
the server use case. So as long as you are OK with that I guess
you can use them without a problem. All needed kernel features are
switched on.
On Tizen we have "apps" that have "permissions" enforced by
Cynara. This complicates the installation process.
- Security Manager had to integrate with Vasum (master-slave mode)
to enable app installation inside containers.
- "Smack namespaces" are pending integration to the kernel. Every
container will have a separate label mapping.
Currently we're working on:
- replacing LXC with our lxcpp library
- integrating with Wayland
- conforming to the Open Container Initiative
Some links:
- Wiki: https://wiki.tizen.org/wiki/Security:Vasum
- Github: https://github.com/Samsung/vasum
- Documentation: http://samsung.github.io/vasum/
- Demo for Fedora: https://www.youtube.com/watch?v=hsNvI9kHTvI
Cheers,
Jan Olszak
On 10/26/2015 12:11 PM, Dominig ar Foll (Intel OTC) wrote:
Bob,
initial investigation on use of Name spaces has been done by
Samsung.
It is based on lxc.
Get a look at
https://wiki.tizen.org/wiki/Security:Vasum:Usage
Dominig ar Foll
Senior Software Architect
Open Source Technology Centre
Intel SSG
Le 26/10/2015 04:08, Bob Summerwill a écrit :
What support (if any) is missing for Tizen 2.4 and Tizen
3.0 to be able to support LXC or even Docker?
I know that there have been efforts in this direction in
the past. Just wondering about the current status and
any plans/roadmap to support Linux containers?
Cheers,
Bob Summerwill
--
http://www.tizenexperts.com/author/bob-summerwill/
[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
_______________________________________________
Dev mailing list
[email protected] <mailto:[email protected]>
https://lists.tizen.org/listinfo/dev
_______________________________________________
Dev mailing list
[email protected] <mailto:[email protected]>
https://lists.tizen.org/listinfo/dev
_______________________________________________
Dev mailing list
[email protected] <mailto:[email protected]>
https://lists.tizen.org/listinfo/dev
--
[email protected] <mailto:[email protected]>
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
