Launchpad Entry: servercloud-p-lxc
Contributors: serge-hallyn, stgraber
Packages affected: lxc, linux
In order to improve usability and maintenance of lxc, some things should be worked on during the p cycle.
- provide a default bridge and lxc.conf
- proper reboot
- containerized syslog
- VFS support for user namespaces.
- apparmor support
- tests in qa-regression-tests
LXC is now provides a default configuration to help you get started out of the box.
These items would each work to make lxc easier to administer, more useful, and safer to the host.
A default configuration would allow users to get started without having to look to blogs for examples.
Reboot support would make containers more robust to in-guest overmounting of /var, and remove complexity from lxcguest, since tmpfs could be mounted on /run.
Containerized syslog would make containers more useful for debugging applications which log to syslog.
VFS support for user namespaces would allow some containers to be run in a user namespace, to protect the host from root in the container.
Apparmor support would help to protect the host from containers, and hopefully allow more unmodified packages to work in a container just as they do on the host.
Joe wants to use lxc, but doesn't know how to get started creating his first container.
Jane wants to debug samba in a container, but syslog messages don't show up in the container.
Jill wants to try an untrusted piece of software in a container without posing a threat to the host.
Container reboot patches are accepted upstream.
Containerized syslog patches accepted upstream.
VFS support for user namespaces supported upstream.
Apparmor namespace support is improved.
You can have subsections that better describe specific parts of the issue.
This section should describe a plan of action (the "how") to implement the changes discussed. Could include subsections like:
Should cover changes required to the UI, or specific UI that is required to implement this
Code changes should include an overview of what needs to change, and in some cases even the specific details.
- data migration, if any
- redirects from old URLs to new ones, if any
- how users will be pointed to the new way of doing things, if necessary.
It's important that we are able to test new features, and demonstrate them to users. Use this section to describe a short plan that anybody can follow that demonstrates the feature is working. This can then be used during testing, and to show off after release. Please add an entry to http://testcases.qa.ubuntu.com/Coverage/NewFeatures for tracking test coverage.
This need not be added or completed until the specification is nearing beta.
This should highlight any issues that should be addressed in further specifications, and not problems with the specification itself; since any specification with problems cannot be approved.
BoF agenda and discussion
Use this section to take notes during the BoF; if you keep it in the approved spec, use it for summarising what was discussed and note any options that were rejected.