Bug#657678: ITP: simplelxc -- Minimalist package to create LXC guests and then manage them simply.
On 01/28/2012 05:41 PM, Bekir Dogan wrote:
> * Simplelxc creates a container even if no parameter is given and asks
> nothing, this is to help users who are not interested in what the
> system is.
if we update the 'defaults' guessing in lxc-debconf and using higher
priority, then the outcome will be exactely like that.
> * Simplelxc hardly asks something. If needed parameters not given just
> do the defaults else only show help and stop.
that's how it already works, yes.
> * No advanced configuration or cli parameters to avoid confusion of
> users.
that's not a problem either; we can have debconf priority automatically
set to critical and frontend to non-interactive based on e.g. the
invokation name; such as 'lxc-create -t debian-simple'. if you insist,
this can even be a shortcut be in /usr/bin for that.
> * Simplelxc supports only one kind of networking (veth), preconfigures
> both host system and containers (not very good yet) and assumes the
> user will not change the configuration.
not so much of a problem to do the same in lxc-debconf.
> * Network architecture is nat based (because some wireless/ethernet
> drivers does not support to be added to a bridge) and ip addresses
> of new containers mainly managed automatically
not so much of a problem to do the same in lxc-debconf.
> * Simplelxc access to and controls continer's hostname, ipaddress and
> continer ssh authorized key when needed. (info, list, create and
> copy)
i think that's wrong; users should use lxc-console, or configure openssh
themselfs. it should not be the job of any lxc container creation script
to /configure/ services.
> Actually in my opinion many of these are shouldn't be done by lxc.
> But a wrapper like simplelxc is much more suitible for this.
why?
> My intention is not to replace lxc creation and mangement utils in lxc
> package but when I've started to develop simplelxc idea
but that's basically what you're proposing.
there are so called lxc templates (the scripts that setup a container,
for debian, using debootstrap). the one in debian, named lxc-debconf and
accessible through 'lxc-create -t debian' or 'lxc-create -t progress' is
rather sophisticated. it allows to completely non-interactively create
containers with a preseed file, or asking all questions to the user
through debconf at the same time if he uses to make use of that.
to make lxc-debconf behave exactely like simplelxc, there are only a
handful of lines required, and you get all the rest that it /can/ do and
what it does best for free. rather than making use of that, and
extending lxc-debconf, you need to replicate and maintain all the basics
of creating a debian based container from scratch.
or, to put it arrogantly over exagerating: it's not a good idea to try
to rewrite lxc-debconf just because you don't like one default in it's
option.
regarding maintainability: lxc-debconf is quite mature as it's tested in
many, many use cases. i had a look at your creation method, and i must
say it's inherently insecure, even the most basic things are missing to
prevent taking over the host system from within the container. if you
intend to continue simplelxc, i suggest you have a look at what
lxc-debconf does (and reuse that).
> But at first I was not sure about lxc-debconf
> development speed, it does not coming from upstream
once lxc-debconf works also for ubuntu systems (there are two things
missing for that, the ubuntu specific defaults in lxc-debconf itself,
and upstart support in linux-container; both will happen in a couple of
weeks) and thus replacing lxc-ubuntu too, i'll work on mainlining it
upstream.
> and seems like
> changing very fast and I didn't want to update my package that often.
that's why there's imho no point in having another seperate thing.
> Many people around me tested lxc with lxc-debian script shipped with
> debian lxc package but you need to give full path, so users must call
> something like "sudo /usr/lib/lxc/templates/lxc-debian -p
> /var/lib/lxc/test".
no, this is wrong and nowhere can you find that way of invoking it.
the correct and only way to invoke *any* lxc template is through:
lxc-create -t $name_of_the_template -n $name_of_the_container
e.g.:
lxc-create -t debian -n example.org
> Then it asks confusing questions like preseed file, distribution,
> archives, mirrors, archive areas for many users who are not familiar
> with debian. But many users just want to get a running container don't
> want to know which dist ribution they are using or not interested in
> using mirrors.
like i said; making the debconf priority in a 'simple' wrapper isn't a
problem, that way it would be reduced to the following:
lxc-create -t debian-simple -n example.org
and users would not see any question at all, while the same code is
running in the 'background'.
and right, the debconf texts should be explaining what it's all about
and what values should be entered for what reasons. just didn't got
arround doing that yet, patches welcome :).
Regards,
Daniel
--
Address: Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern
Email: daniel.baumann@progress-technologies.net
Internet: http://people.progress-technologies.net/~daniel.baumann/
Reply to: