Perl containers
YAPC::EU 2014 Sofia
Create your containers with Perl
So first... Who am I?
➢ System Administrator at heart
➢ Teaching at Sofia University
➢ Organizing events like this one...
➢ CEO of 1H Ltd.
➢ CTO of GetClouder
➢ Chief architect of Siteground.com
The current state of containers
➢ LXC
➢ Docker
➢ lmctfy
➢ A bunch of other small implementations
➢ Build it yourself
Root inside the container
ONLY WITH LXC
So why would you need a Perl implementation?
➢ Patching LXC is writing in C...
➢ Writing in C is not very user friendly
➢ If most of your logic is already in Perl...
➢ Keep fewer moving blocks in your architecture
So what the hell is a container?
➢ chroot (isolate the directory tree)
➢ unshare (create new namespace(s))
➢ cgroups (add limits)
➢ drop capabilities (optional)
What do we have in Perl?
➢ Linux::Unshare
➢ Linux::Setns
What do we need?
➢ Linux::Capabilities
➢ Linux::Networking
What am I proposing? A toolkit
➢ pc-start
➢ pc-stop
➢ pc-restart
➢ pc-list
➢ pc-top
➢ pc-attach
So let's look inside the implementation in depth
pc-start
➢ pre-read-config hook
➢ read yaml config
➢ post-read-config
➢ prepare cgroup
➢ post-cgroup-setup hook
➢ fork
➢ prepare mount hook
➢ chroot
➢ post-chroot hook
➢ unshare
➢ post-unshare hook
➢ drop caps
➢ post-dropcaps hook
➢ setup networking
➢ post-networking hook
➢ fork -> exec init
➢ post init hook
➢ setup user mappings
➢ post usermap hook
pc-attach
➢ pre-read-config hook
➢ read yaml config
➢ post-read-config
➢ check if there is a cgroup
➢ check if the cgroup is not empty
➢ check if the base device
➢ find a FD from one of the PIDs
➢ pre-attach hook
➢ setns
➢ execute bash -i
pc-stop
➢ pre-read-config hook
➢ read yaml config
➢ post-read-config
➢ check if there is a cgroup
➢ check if the cgroup is empty
➢ do pc-attach
➢ execute halt
pc-list
➢ loop through the configs
➢ check if the cgroup exists
➢ check if the cgroup is empty
➢ check if it has init running inside
pc-top
➢ Loop through all the configs
➢ check if the cgroup exists
➢ check if the cgroup is not empty
➢ collect the following stats
  ➢ cpu usage
  ➢ memory usage
  ➢ I/O usage
  ➢ Network usage
➢ It should allow the admin to
  ➢ sort by each resource
  ➢ handle signals
  ➢ configure the interface
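The cgroup checks that the pc-attach, pc-stop, pc-list and pc-top slides all begin with, written out as an added example (not code from the talk or from the azilian repository). It assumes one cgroup directory per container under a single root, uses hypothetical function names, and runs against a constructed sample tree in a temporary directory; the ns directory it returns holds the namespace files a setns call would open.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);
use File::Path qw(make_path);

# PIDs in a container's cgroup; undef when the cgroup directory is missing.
sub cgroup_pids {
    my ($cg_root, $name) = @_;
    return unless -d "$cg_root/$name";
    open(my $fh, '<', "$cg_root/$name/cgroup.procs") or return [];
    chomp(my @pids = <$fh>);
    close $fh;
    return [ grep { /^\d+$/ } @pids ];   # keep decimal PIDs only
}

# Classify one container; when running, return the ns directory for setns.
sub container_state {
    my ($cg_root, $proc_root, $name) = @_;
    # Names come from config files: refuse anything that could leave $cg_root.
    return { state => 'invalid-name' }
        unless $name =~ /\A[A-Za-z0-9_-][A-Za-z0-9_.-]*\z/;
    my $pids = cgroup_pids($cg_root, $name);
    return { state => 'no-cgroup' } unless defined $pids;
    for my $pid (@$pids) {
        # A PID can exit between reading cgroup.procs and opening /proc.
        next unless -d "$proc_root/$pid/ns";
        return { state => 'running', pid => $pid, ns_dir => "$proc_root/$pid/ns" };
    }
    return { state => 'stopped' };
}

# Constructed sample tree (assumed layout: one cgroup directory per container).
my $tmp = tempdir(CLEANUP => 1);
my ($cg, $proc) = ("$tmp/cgroup", "$tmp/proc");
make_path("$cg/web1", "$cg/db1", "$proc/4243/ns");
my %procs = (web1 => "4242\n4243\n", db1 => "");
for my $c (keys %procs) {
    open(my $fh, '>', "$cg/$c/cgroup.procs") or die "write $c: $!";
    print {$fh} $procs{$c};
    close $fh;
}

for my $name (qw(web1 db1 cache1 ../etc)) {
    my $s = container_state($cg, $proc, $name);
    printf "%-8s %-12s %s\n", $name, $s->{state}, $s->{ns_dir} // '-';
}
```

On a real host the two roots would be the mounted cgroup hierarchy and /proc.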
http://github.com/hackman/azilian