:: Re: [DNG] Incus
トップ ページ
このメッセージを削除
このメッセージに返信
著者: Martin Steigerwald
日付:  
To: dng
題目: Re: [DNG] Incus
Simon Walter - 27.06.24, 22:21:41 CEST:
> On 2024-06-27 18:10, Martin Steigerwald wrote:

[…]
> > Some services like SSH have their own service dir template. But I only
> > saw this in "openssh-server" package so far. The package
> > "runit-services" has other service dir template. On a server I
> > created a service dir template for Incus. I intend to ask the
> > maintainer of the Debian package for Incus whether they like to
> > include it. Then I'd either to a merge request for Incus or
> > runit-services, depending on the answer.
>
> Is this this the Incus you speak of, Martin?
> https://github.com/lxc/incus


https://linuxcontainers.org/incus/

I prefer to use project owned sites over Microsoft owned Github where
possible. But yeah that is the one. And yes git clone from Github a lot
myself, it is hard to avoid.

I think I also learned about Incus due to these wiki sites:

https://wiki.debian.org/LXD

https://wiki.debian.org/Incus

Given the situation I decided to go with Incus instead of LXD in order to
save me a migration.

So far my experience has been pretty straight forward. There were some
little things like needing to install dhcpcd on Alpine in order to have
DHCP work there – I use static addresses for mostly cosmetic reasons – and
like a Runit based container having wrong path – still need to write up
something for Lorenzo to set up a minimal Incus to verify some things:

runit-init: configuring network interfaces at boot inside LXC with runit as
init system fails

https://bugs.debian.org/1068922

I sometimes feel quite overwhelmed at all the open ends and it is
challenging for me to prioritize what to do first and what next.

However after having fixed that DBUS service startup thing I now at least
have a quite stable laptop again. Unfortunately recent Linux kernels have
quite some issues with the older ThinkPad T14 AMD Gen 1. It is still going
strong but before the upcoming economic collapse I thought I upgrade to a
more recent laptop once more. Recent Linux kernels work a lot better with
the Gen 5. It is unfortunate but also Linux does not seem to get tested as
much on older hardware as on more recent hardware. Also whenever I
reported a bug I got back: "You need to bisect that in order to gain
attention by kernel developers". They are overwhelmed as well. And error
messages from the Linux kernel can be quite cryptic and non revealing.
Actually I think the Linux kernel is quite a mess nowadays.

It is all so fast, too fast if you ask me. Linux is being developed at an
insane pace and it has so many bugs these days, so many regressions, it is
unbelievable. Hardware still usually has no open firmware. I just disabled
IPv4 and IPv6 stacks in the UEFI firmware, cause why does the firmware need
to have an IP stack to begin with and so on and so forth – especially when
it is closed source. I'd rather stop the ranting now.

> I feel like I've been living under a rock. I've been using vanilla LXC
> for over a decade now. I never wanted to touch docker nor podman nor
> LXD, but this looks interesting.
>
> Do you use it for servers or for desktop isolation?


I use it for my main server which provides mail and web services as well
as an Quassel instance. It is managing 12 LXC containers:

- A mail server with Postfix, Dovecot, rspamd
- A Nginx based reverse proxy
- 9 web servers, most of them Nginx, but also quite some Apache
- A quassel instance

11 are Alpine 3.20.1. One web server with Wordpress is Devuan Daedalus as
I prefer to use the Wordpress package in Debian.

Feel free to ask questions but allow for some time to respond.

> Oh, it's written in golang. Maybe I'll use it on a workstation for
> disposable workloads/isolation.
>
> What!? It's even in the devuan pkg repos? OK, I have to try this out.


There is even a backport available for Daedalus.

Best,
--
Martin