[atomic-wg] Issue #290: Make fedora-minimal base image generally available

dwalsh added a new comment to an issue you are following: `` scratch is not a "base" image, it is just a special name that tells buildah to create a layer with nothing in it. Dockerfile has the same concept. `` To reply, visit the link below or just reply to this email

Re: Schedule for Container Policy VFAD

Sounds good. On 03/09/2017 11:02 AM, Josh Berkus wrote: > On 03/09/2017 07:50 AM, Daniel J Walsh wrote: >> Sure I can help on this depending on the date. >> > Tommorrow. Can you dial in at 2pm? > > ___ clo

[atomic-wg] Issue #233 `Container guidelines for systemd based containers`

dwalsh added a new comment to an issue you are following: `` Not sure here is the best place, but I would start by saying 1. Easily move applications from VM to container, using standard scripts. IE FROM fedora-init RUN dnf -y install httpd; systemctl enable httpd ADD MYPHP /var/www/html ... 2.

[atomic-wg] Issue #233 `Container guidelines for systemd based containers`

dwalsh added a new comment to an issue you are following: `` BTW Even if we got oci-systemd-hook into debian, we would still need to get projectatomic/docker in since docker rejected the patch to run hooks directly. `` To reply, visit the link below or just reply to this email

[atomic-wg] Issue #196 `moving to docker 1.13 in Fedora 25`

dwalsh added a new comment to an issue you are following: `` Sure, our teams policy is that we don't update docker package until k8s and OpenShift support it. But it is likely that this would change during the 13 months of a Fedora release. `` To reply, visit the link below or just reply to

[atomic-wg] Issue #196 `moving to docker 1.13 in Fedora 25`

dwalsh added a new comment to an issue you are following: `` I don't believe Fedora has such a capability. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/196 ___ cloud mailing list --

[atomic-wg] Issue #196 `moving to docker 1.13 in Fedora 25`

dwalsh added a new comment to an issue you are following: `` @vinzentm I tend to agree with you the thought was to put it in updates-testing, without ever releasing it so is is easy to get a hold of for those that want it. `` To reply, visit the link below or just reply to this email

[atomic-wg] Issue #196 `moving to docker 1.13 in Fedora 25`

dwalsh added a new comment to an issue you are following: `` None have been created yet. I will attempt to get one built as soon as we have docker-1.13 in updates-testing. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/196

[atomic-wg] Issue #186 `switch to overlay2`

dwalsh added a new comment to an issue you are following: `` I find ROOT confusing. ROOT means /root or / or the rootfs of the container. But I am bike shedding. I think we pick one and then put an explanation in the config file and be done with it. BTW This discussion should have gone on

[atomic-wg] Issue #186 `switch to overlay2`

dwalsh added a new comment to an issue you are following: `` Lets go with CONTAINER_LV_NAME CONTAINER_LV_MOUNT_PATH That makes it clear this is a logical volume, and we need to put examples into the configuration. `` To reply, visit the link below or just reply to this email

[atomic-wg] Issue #186 `switch to overlay2`

dwalsh added a new comment to an issue you are following: `` User edits /etc/sysconfig/docker-storage-setup which should include documentation on what can be changed. Uwe edits /etc/sysconfig/ocid-storage-setup which should include documentation on what can be changed. container-storage-setup

[atomic-wg] Issue #197 `Change size of Root, Docker partitions in F26 Atomic Host storage setup`

dwalsh added a new comment to an issue you are following: `` Nit> Can we change this from Docker partition to Container Image partition. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/197 ___ cloud

[atomic-wg] Issue #186 `switch to overlay2`

dwalsh added a new comment to an issue you are following: `` A couple of things here. We plan on renaming docker-storage-setup -> container-storage-setup. We want to allow contianer-storage-setup be able to setup multiple container runtimes. Docker, CRI-O, perhaps others. So having magic

[atomic-wg] Issue #196 `moving to docker 1.13 in Fedora 25`

dwalsh added a new comment to an issue you are following: `` I think we should get docker-1.13 into Rawhide right away. The problem with putting it into Fedora 25 is it has not been fully vetted with OpenShift and Kubernetes yet. I don't believe we should swap out the docker version their

Re: docker-latest in Fedora

On 01/13/2017 08:38 AM, Antonio Murdaca wrote: > Hi, > > Seems like no people are really using docker-latest in Fedora. I > realized that because the version in F25 is old and nobody adds karma > to the updates in bodhi there. Is there any real user of docker-latest > in Fedora? Just asking

[atomic-wg] Issue #186 `switch to overlay2`

dwalsh added a new comment to an issue you are following: `` Exported containers get written by default to /var/lib/atomic/migrate, this can be overwritten with the `--dir` option. Should re `atomic storage reset` do the atomatic space recaptor of the docker-root-lv? @vgoyal ? `` To

[atomic-wg] Issue #186 `switch to overlay2`

dwalsh added a new comment to an issue you are following: `` @jberkus The tools will work fine if you just want to start fresh and blow away your container images. ``` atomic storage reset ``` Should delete everything, then you change your default backend using ``` atomic storage modify

[atomic-wg] Issue #186 `switch to overlay2`

dwalsh added a new comment to an issue you are following: `` I disagree with 2. We have tools that allow you to switch back to devicemapper if their is partioning, which is why we want to keep partitioning. If this was easy to switch from no partioning to partitioned, then I would agree

Re: [atomic-devel] Fedora 26 change: using overlayfs as default

On 12/16/2016 03:16 AM, Marius Vollmer wrote: > Vivek Goyal writes: > >> [...] And if overlayfs does not work for a user, switching back to >> devmapper should be easy. >> >> - atomic storage reset >> - edit /etc/sysconfig/docker-storage-setup and set >>

Re: [atomic-devel] Fedora 26 change: using overlayfs as default

On 12/15/2016 12:18 PM, Josh Berkus wrote: > Dan, Dusty, Vivek: > > So far nobody has defined (technically) the exact problem with overlayfs > and how it affects applications which want to write data inside the > container. > > Note that just saying "don't use Overlay for persistent data" really

Re: [atomic-devel] Fedora 26 change: using overlayfs as default

On 12/14/2016 10:38 AM, Dusty Mabe wrote: > > On 12/14/2016 07:51 AM, Daniel J Walsh wrote: >> I have heard that the issue with yum/rpm is being worked on in the kernel. >> For those that to not know the issue is for programs that open a file twice >> once for readonly

Re: [atomic-devel] Fedora 26 change: using overlayfs as default

On 12/13/2016 02:18 PM, Dusty Mabe wrote: > > On 12/13/2016 01:02 PM, Colin Walters wrote: >> On Tue, Dec 13, 2016, at 12:45 PM, Clayton Coleman wrote: >>> Are the POSIX issues in applications running on overlay mostly resolved >>> now? I.e. if we flipped the default would be reasonably able

Re: [atomic-devel] Fedora 26 change: using overlayfs as default

, but still allow a user to switch from overlay back to devicemapper. On 12/13/2016 12:23 PM, Chris Murphy wrote: > On Tue, Dec 13, 2016 at 8:01 AM, Daniel J Walsh <dwa...@redhat.com> wrote: >> The only way to change from one storage to the other is to use >> >> atom

Re: Fedora 26 change: using overlayfs as default

On 12/12/2016 05:53 PM, Josh Berkus wrote: > On 12/12/2016 02:24 PM, Dusty Mabe wrote: > >> I think the rationale is that we'd like to not have a much different >> experience whether you are using docker on atomic host or not. My >> thoughts are that overlay is where we want to be in the future

Re: Fedora 26 change: using overlayfs as default

On 12/12/2016 05:19 PM, Jason Brooks wrote: > On Mon, Dec 12, 2016 at 2:12 PM, Dusty Mabe wrote: >> After I get a bug[1] fixed and out the door I'm going to publish >> a blog post/docs on setting up Fedora 25 Atomic host and/or Cloud >> base to use overlay2 as the storage

Re: Fedora 26 change: using overlayfs as default

On 12/12/2016 05:16 PM, Dusty Mabe wrote: > > On 12/12/2016 05:13 PM, Josh Berkus wrote: >> On 12/12/2016 02:12 PM, Dusty Mabe wrote: >>> After I get a bug[1] fixed and out the door I'm going to publish >>> a blog post/docs on setting up Fedora 25 Atomic host and/or Cloud >>> base to use

[atomic-wg] Issue #178 `Fix locale support in base image.`

dwalsh added a new comment to an issue you are following: `` How large is localctl? `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/178 ___ cloud mailing list -- cloud@lists.fedoraproject.org To

[atomic-wg] Issue #176 `status of kubernetes on fedora atomic 25`

dwalsh added a new comment to an issue you are following: `` I have asked Giuseppe Scrivano to move forward on system containers to implement kubernetes workflow on atomic host. He currently has most of services available as system containers and is moving them into

Re: Blogs for F25 release

On 11/10/2016 08:47 AM, Dusty Mabe wrote: > > On 11/10/2016 06:12 AM, Daniel J Walsh wrote: >> >> On 11/09/2016 12:43 PM, Dusty Mabe wrote: >>> I believe we need to communicate a few things for F25: >>> >>> 1 - overlayfs - what it is, how to enable

Re: Blogs for F25 release

On 11/09/2016 12:43 PM, Dusty Mabe wrote: > I believe we need to communicate a few things for F25: > > 1 - overlayfs - what it is, how to enable it in the various f25 images we > release > 2 - containerized k8s - no longer in atomic host so we have to show people > how to use it > > I am

Re: [atomic-devel] Add mdadm to Fedora Atomic Host

On 08/18/2016 12:00 PM, Dusty Mabe wrote: > We need to add mdadm to Fedora Atomic Host so that we can support software > raid disk setups. > > https://pagure.io/fedora-atomic/pull-request/8 > No way to do this with SPC? ___ cloud mailing list

Re: [atomic-devel] docker does not work in F24 Atomic

On 05/11/2016 01:03 PM, Dusty Mabe wrote: Hey All, As far as I can tell Docker is broken in F24 atomic. We have had issues with docker for a while now but testing on fedora cloud base from the updates-testing repo seemed to show the problem as resolved. However, now that

Re: Fedora 24 and Atomic

On 03/17/2016 10:07 AM, Matthew Miller wrote: Hey, so, Dennis tells me we don't currently have an F24 two-week Atomic. I don't think we need Atomic as part of the actual Alpha compose/release, but as I understand it, the plan is to cut the two-week Atomic over to F24 base at the F24 release.

Re: Putting Networkd on cloud Atomic and base image for F24

On 12/21/2015 04:05 PM, Subhendu Ghosh wrote: > > > On Mon, Dec 21, 2015 at 11:14 AM, Peter Robinson > wrote: > > On Mon, Dec 21, 2015 at 2:10 PM, Subhendu Ghosh > > wrote: > > Both

Re: Why I'm excited about Atomic for Fedora

On 10/28/2015 02:08 PM, Matthew Miller wrote: > On Wed, Oct 28, 2015 at 10:59:01PM +0530, Aditya Patawari wrote: >> For me, I often have to move away from Fedora Cloud or Server editions >> because of limited support cycle. I don't want to run a distribution >> in my production environment where

Re: [atomic-devel] Introducing sen: terminal user interface for docker engine

On 10/27/2015 07:41 AM, Joe Brockmeier wrote: > On Tuesday, October 27, 2015 10:13:17 AM Stef Walter wrote: >> On 27.10.2015 09:59, Tomas Tomecek wrote: >>> Quoting Joe Brockmeier (2015-10-27 01:55:17) >>> Any chance this is going to be a Cloud feature for Fedora 24? (Probably jst

Re: selinux denials when starting docker in F23

On 10/10/2015 09:09 AM, Dusty Mabe wrote: > > > On 10/10/2015 08:02 AM, Daniel J Walsh wrote: >> >> On 10/09/2015 01:07 PM, Bruno Wolff III wrote: >>> On Fri, Oct 09, 2015 at 12:43:52 -0400, >>> Dusty Mabe <du...@dustymabe.com> wrote: >&

Re: selinux denials when starting docker in F23

On 10/09/2015 01:07 PM, Bruno Wolff III wrote: > On Fri, Oct 09, 2015 at 12:43:52 -0400, > Dusty Mabe wrote: >> >> >> On 10/08/2015 03:06 PM, Dusty Mabe wrote: >>> and this is in the journal: >>> >>> ``` >>> Oct 08 19:04:31 cloudhost.localdomain audit[1]: USER_AVC pid=1

Re: selinux denials when starting docker in F23

On 10/08/2015 03:23 PM, Dusty Mabe wrote: > > > On 10/08/2015 03:06 PM, Dusty Mabe wrote: >> Hey guys anybody seen these when starting >> docker-1.8.2-5.gitcb216be.fc23.x86_64: >> >> ``` >> Oct 08 18:55:47 cloudhost.localdomain audit[1513]: AVC avc: denied { >> read } for pid=1513

Re: Docker mysterious behavior in F22

On 05/17/2015 08:23 PM, Dusty Mabe wrote: On Sun, May 17, 2015 at 07:43:38PM -0400, Matthew Miller wrote: On Sun, May 17, 2015 at 07:18:05PM -0400, Dusty Mabe wrote: So. Some new information. Looks like there is a new docker in testing [1] that does not have this problem. We need to add

Re: dnf in Dockerfiles

Scott we found an interesting problem with libvirt protections on /dev/kvm. If you run this container on an atomic machine, the device has the wrong protections. You need to add chmod 666 /dev/kvm to make it work, or chmod 660 /dev/kvm chown root:qemu /dev/kvm I think this would break on other

Re: Atomic 2 week releases

On 03/09/2015 12:03 PM, Michael P. McGrath wrote: - Original Message - From: Daniel J Walsh dwa...@redhat.com To: Fedora Cloud SIG cloud@lists.fedoraproject.org Sent: Monday, March 9, 2015 10:45:42 AM Subject: Re: Atomic 2 week releases On 03/09/2015 11:34 AM, Michael P. McGrath

Re: Atomic 2 week releases

On 03/10/2015 01:09 PM, Michael P. McGrath wrote: - Original Message - From: Daniel J Walsh dwa...@redhat.com To: Fedora Cloud SIG cloud@lists.fedoraproject.org Sent: Tuesday, March 10, 2015 11:31:27 AM Subject: Re: Atomic 2 week releases On 03/09/2015 12:03 PM, Michael P. McGrath

Re: Atomic 2 week releases

On 03/09/2015 11:34 AM, Michael P. McGrath wrote: Hey all, I wanted to start a thread about doing more frequent Atomic releases in Fedora. In particular I'd like to start building a new atomic release every two weeks that includes the latest version of Docker, Kubernetes, and OSTree for

Re: Fwd: Running mesos-slave in Docker container (Atomic Discussion)

docker run --privileged Turns off all of the docker security. Has anyone tried to run a container for something like mesos that execs docker commands, to maybe look like docker run --privileged -v /:/host -v /run:/run -ti -net=host mesos /bin/sh This would cause all of / to be mounted in /host

Re: libvirt and SELlinux 'access denied' in a VM

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/24/2014 06:28 AM, Juerg Haefliger wrote: On Mon, Mar 24, 2014 at 11:23 AM, Juerg Haefliger jue...@gmail.com mailto:jue...@gmail.com wrote: On Sat, Mar 22, 2014 at 11:46 AM, Daniel J Walsh dwa...@redhat.com mailto:dwa

Re: libvirt and SELlinux 'access denied' in a VM

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/24/2014 08:44 AM, Juerg Haefliger wrote: On Mon, Mar 24, 2014 at 1:14 PM, Daniel J Walsh dwa...@redhat.com mailto:dwa...@redhat.com wrote: On 03/24/2014 06:28 AM, Juerg Haefliger wrote: On Mon, Mar 24, 2014 at 11:23 AM, Juerg

Re: libvirt and SELlinux 'access denied' in a VM

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/21/2014 10:36 AM, Juerg Haefliger wrote: Hi, I started a VM using the official F20 cloud image, installed libvirt and its dependencies and tried to create a guest but SELinux won't let me: [root@fedora-20 ~]# virsh create mini.xml error:

Re: Fedora 20 RC1 AMIs

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/12/2013 11:44 AM, Matthew Miller wrote: On Thu, Dec 12, 2013 at 03:18:31PM +0100, Vitaly Kuznetsov wrote: ami-3b361952 : us-east-1 image for i386 ami-1337187a : us-east-1 image for x86_64 Compared to TC5 images: 1) iptables-services package

Re: Fedora 20 TC2 AMIs

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/21/2013 03:13 PM, Vitaly Kuznetsov wrote: Matthew Miller mat...@fedoraproject.org writes: On Thu, Nov 21, 2013 at 01:30:15PM +0100, Vitaly Kuznetsov wrote: I ran basic tests agains them and they're ok. The only issue I still see is wrong

Re: container/container-medium-19.ks container/container-medium-20.ks container/container-minimal-19.ks container/container-minimal-20.ks

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/19/2013 01:18 PM, Matthew Miller wrote: container/container-medium-19.ks |3 +++ container/container-medium-20.ks |3 +++ container/container-minimal-19.ks |2 ++ container/container-minimal-20.ks |2 ++ 4 files changed, 10

Re: container/container-medium-19.ks container/container-medium-20.ks container/container-minimal-19.ks container/container-minimal-20.ks

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/19/2013 03:10 PM, Matthew Miller wrote: On Thu, Sep 19, 2013 at 02:11:05PM -0400, Daniel J Walsh wrote: In a container image, you do not need to install selinux-policy*, since selinux policy is not supported within the container. From

Re: Future directions for Fedora Cloud

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/16/2013 04:57 PM, Colin Walters wrote: On Wed, 2013-09-11 at 12:01 -0400, Matthew Miller wrote: So, idea one is to make something like CoreOS (http://coreos.com/): a lightweight distribution made for running containers on top of. We

Re: Disabling firewalld on AWS?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 09/11/2013 08:53 AM, Sam Kottler wrote: - Original Message - From: Michael Hampton er...@ioerror.us To: cloud@lists.fedoraproject.org Sent: Wednesday, September 11, 2013 8:47:23 AM Subject: Re: Disabling firewalld on AWS? On