Changes/Atomic Cloud Image

From FedoraProject

< Changes(Difference between revisions)
Jump to: navigation, search
(Wrote an initial version of the proposal)
Line 1: Line 1:
{{admon/important | Comments and Explanations | MOSTLY EMPTY TEMPLATE AWAITING WORK}}
 
 
 
 
= Docker Cloud Image =
 
= Docker Cloud Image =
  
 
== Summary ==
 
== Summary ==
Fedora Cloud agreed to make a base image plus several tailored to specific purposes. This is one of the tailored ones — Docker host ready to go.
+
New Fedora product: Fedora Docker Cloud Image - Docker host ready to go.
  
 
== Owner ==
 
== Owner ==
<!--
+
* Name: Cloud SIG / [[User:red|Sandro Mathys]]
For change proposals to qualify as self-contained, owners of all affected packages need to be included here. Alternatively, a SIG can be listed as an owner if it owns all affected packages.
+
* Email: red@fedoraproject.org
This should link to your home wiki page so we know who you are.
+
-->
+
* Name: [[User:FASAcountName| Your Name]]
+
<!-- Include you email address that you can be reached should people want to contact you about helping with your change, status is requested, or technical issues need to be resolved. If the change proposal is owned by a SIG, please also add a primary contact person. -->
+
* Email: <your email address so we can contact you, invite you to meetings, etc.>
+
 
* Release notes owner: <!--- To be assigned by docs team [[User:FASAccountName| Release notes owner name]] <email address> -->
 
* Release notes owner: <!--- To be assigned by docs team [[User:FASAccountName| Release notes owner name]] <email address> -->
 
<!--- UNCOMMENT only for Changes with assigned Shepherd (by FESCo)
 
<!--- UNCOMMENT only for Changes with assigned Shepherd (by FESCo)
 
* FESCo shepherd: [[User:FASAccountName| Shehperd name]] <email address>
 
* FESCo shepherd: [[User:FASAccountName| Shehperd name]] <email address>
 
-->
 
-->
<!--- UNCOMMENT only if this Change aims specific product, working group (Cloud, Workstation, Server, Base, Env & Stacks)
+
* Product: Docker Cloud Image (duh!)
* Product:
+
* Responsible WG: Cloud
* Responsible WG:
+
-->
+
  
 
== Current status ==
 
== Current status ==
* Targeted release: [[Releases/<number> | Fedora <number> ]]  
+
* Targeted release: [[Releases/21 | Fedora 21 ]]  
* Last updated: (DATE)
+
* Last updated: 2014-04-05
 
<!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page  
 
<!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page  
 
Bugzilla states meaning as usual:
 
Bugzilla states meaning as usual:
Line 38: Line 28:
  
 
== Detailed Description ==
 
== Detailed Description ==
<!-- Expand on the summary, if appropriate. A couple sentences suffices to explain the goal, but the more details you can provide the better. -->
+
Fedora Cloud agreed to make a base image plus several tailored to specific purposes. This is one of the tailored ones — Docker host ready to go. While basically that simply means only just adding docker-io to the base image, this is (also) intended to be our response to CoreOS. Therefore, depending on further discussion and user input, we might also add [https://github.com/coreos/etcd etcd] and [https://github.com/coreos/fleet fleet] to the mix.
 +
 
 +
Furthermore, the Cloud SIG considers this their most radical image, riding the very front of the leading edge. (Yeehaw!) Several approaches (read: bonus objectives) are under consideration but not crucial to the product itself:
 +
* [http://rpm-ostree.cloud.fedoraproject.org/ Fedora Atomic Initiative] (aka rpm-ostree) to allow for atomic updates. We might further choose to remove yum/dnf from the image in favor of ostree.
 +
* Replace cloud-init with min-metadata-service, CoreOS' cloud-init or other alternatives. We'd like to find a leaner solution (read: less Requires) and one that is better (or easier) tailored to Fedora.
 +
* Remove Python from this image to reduce the footprint. Note, that this can only be achieved if yum/dnf AND cloud-init are replaced by other solutions as explained in the above points.
 +
 
 +
It should be noted that most of these tools are currently under heavy construction but might be ready in time. If they are, it's still up to discussion whether they will be included. If they aren't, we might punt them to F22 or later. Either way, they won't impact the completion of this change's main goals and are only listed for completeness' sake.
  
 
== Benefit to Fedora ==
 
== Benefit to Fedora ==
<!-- What is the benefit to the platform?  If this is a major capability update, what has changed?  If this is a new functionality, what capabilities does it bring? Why will Fedora become a better distribution or project because of this proposal?-->
+
* Users get a quick and easy way to use/try Docker (containers) in their favorite IaaS cloud.
 +
* Our answer to CoreOS.
 +
* Easier for Docker fans to become fans of Fedora, too.
  
 
== Scope ==
 
== Scope ==
<!-- What work do the developers have to accomplish to complete the change in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->
+
Regarding the core objective, it's just about creating a new kickstart file (probably even %include-ing the base one) add some minor stuff and make sure it gets built into a new image.
  
* Proposal owners:
+
Also, for added security, we'd like to see Docker and SELinux integrate better. There's already work going on about this.
<!-- What work do the feature owners have to accomplish to complete the feature in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->
+
  
* Other developers: N/A (not a System Wide Change) <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
+
The bonus objectives (i.e. leading edge approaches) further require:
<!-- What work do other developers have to accomplish to complete the feature in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->
+
* ostree to work with SELinux
 
+
* Creating a filesystem tree for ostree that equals the filesystem of the image as created by traditional means
* Release engineering: N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
+
* min-metadata-service to gain the ability to execute scripts just like cloud-init does
<!-- Does this feature require coordination with release engineering (e.g. changes to installer image generation or update package delivery)?  Is a mass rebuid required?  If a rel-eng ticket exists, add a link here.  -->
+
* CoreOS' cloud-init or other alternatives to be packages (and possibly tailored) for Fedora
 
+
* Policies and guidelines: N/A (not a System Wide Change) <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
+
<!-- Do the packaging guidelines or other documents need to be updated for this feature?  If so, does it need to happen before or after the implementation is done?  If a FPC ticket exists, add a link here. -->
+
  
 
== Upgrade/compatibility impact ==
 
== Upgrade/compatibility impact ==
<!-- What happens to systems that have had a previous versions of Fedora installed and are updated to the version containing this change? Will anything require manual configuration or data migration? Will any existing functionality be no longer supported? -->
 
 
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
 
 
N/A (not a System Wide Change)  
 
N/A (not a System Wide Change)  
  
 
== How To Test ==
 
== How To Test ==
<!-- This does not need to be a full-fledged document. Describe the dimensions of tests that this change implementation is expected to pass when it is done.  If it needs to be tested with different hardware or software configurations, indicate them.  The more specific you can be, the better the community testing can be.
+
N/A (not a System Wide Change)
 
+
Remember that you are writing this how to for interested testers to use to check out your change implementation - documenting what you do for testing is OK, but it's much better to document what *I* can do to test your change.
+
 
+
A good "how to test" should answer these four questions:
+
 
+
0. What special hardware / data / etc. is needed (if any)?
+
1. How do I prepare my system to test this change? What packages
+
need to be installed, config files edited, etc.?
+
2. What specific actions do I perform to check that the change is
+
working like it's supposed to?
+
3. What are the expected results of those actions?
+
-->
+
 
+
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
+
N/A (not a System Wide Change)  
+
  
 
== User Experience ==
 
== User Experience ==
<!-- If this change proposal is noticeable by its target audience, how will their experiences change as a result?  Describe what they will see or notice. -->
 
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
 
 
N/A (not a System Wide Change)  
 
N/A (not a System Wide Change)  
  
 
== Dependencies ==
 
== Dependencies ==
<!-- What other packages (RPMs) depend on this package?  Are there changes outside the developers' control on which completion of this change depends?  In other words, completion of another change owned by someone else and might cause you to not be able to finish on time or that you would need to coordinate?  Other upstream projects like the kernel (if this is not a kernel change)? -->
 
 
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
 
 
N/A (not a System Wide Change)  
 
N/A (not a System Wide Change)  
  
 
== Contingency Plan ==
 
== Contingency Plan ==
<!-- If you cannot complete your feature by the final development freeze, what is the backup plan?  This might be as simple as "Revert the shipped configuration". Or it might not (e.g. rebuilding a number of dependent packages). If you feature is not completed in time we want to assure others that other parts of Fedora will not be in jeopardy.  -->
+
If any of the bonus objectives fail to make it in time, we simply go on without them and use the established mechanisms (i.e. what F20 did or what the F21 Fedora Base Cloud Image does) instead.
* Contingency mechanism: (What to do?  Who will do it?) N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
+
 
<!-- When is the last time the contingency mechanism can be put in place?  This will typically be the beta freeze. -->
+
If all fails, there simply won't be a Fedora Docker Cloud Image product for F21.
* Contingency deadline: N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
+
 
<!-- Does finishing this feature block the release, or can we ship with the feature in incomplete state? -->
+
* Blocks product? Yes, Docker Cloud Image (duh!)
* Blocks release? N/A (not a System Wide Change), Yes/No <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
+
* Blocks product? product <!-- Applicable for Changes that blocks specific product release/Fedora.next -->
+
  
 
== Documentation ==
 
== Documentation ==
<!-- Is there upstream documentation on this change, or notes you have written yourself?  Link to that material here so other interested developers can get involved. -->
 
 
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
 
 
N/A (not a System Wide Change)  
 
N/A (not a System Wide Change)  
  
 
== Release Notes ==
 
== Release Notes ==
<!-- The Fedora Release Notes inform end-users about what is new in the release.  Examples of past release notes are here: http://docs.fedoraproject.org/release-notes/ -->
+
New Fedora product: Fedora Docker Cloud Image!
<!-- The release notes also help users know how to deal with platform changes such as ABIs/APIs, configuration or data file formats, or upgrade concerns.  If there are any such changes involved in this change, indicate them here.  A link to upstream documentation will often satisfy this need.  This information forms the basis of the release notes edited by the documentation team and shipped with the release.
+
  
Release Notes are not required for initial draft of the Change Proposal but has to be completed by the Change Freeze.  
+
Docker is an easy to use interface for running application containers on Linux. Fedora is uniquely positioned to provide the best platform for Docker, since this container technology is not a security solution, but can be made reasonably secure when wrapped with SELinux.  
-->
+
 
 +
TODO: include notes if any of the bonus objectives are included.
  
 
[[Category:ChangePageIncomplete]]
 
[[Category:ChangePageIncomplete]]

Revision as of 06:30, 5 April 2014

Contents

Docker Cloud Image

Summary

New Fedora product: Fedora Docker Cloud Image - Docker host ready to go.

Owner

  • Name: Cloud SIG / Sandro Mathys
  • Email: red@fedoraproject.org
  • Release notes owner:
  • Product: Docker Cloud Image (duh!)
  • Responsible WG: Cloud

Current status

  • Targeted release: Fedora 21
  • Last updated: 2014-04-05
  • Tracker bug: <will be assigned by the Wrangler>

Detailed Description

Fedora Cloud agreed to make a base image plus several tailored to specific purposes. This is one of the tailored ones — Docker host ready to go. While basically that simply means only just adding docker-io to the base image, this is (also) intended to be our response to CoreOS. Therefore, depending on further discussion and user input, we might also add etcd and fleet to the mix.

Furthermore, the Cloud SIG considers this their most radical image, riding the very front of the leading edge. (Yeehaw!) Several approaches (read: bonus objectives) are under consideration but not crucial to the product itself:

  • Fedora Atomic Initiative (aka rpm-ostree) to allow for atomic updates. We might further choose to remove yum/dnf from the image in favor of ostree.
  • Replace cloud-init with min-metadata-service, CoreOS' cloud-init or other alternatives. We'd like to find a leaner solution (read: less Requires) and one that is better (or easier) tailored to Fedora.
  • Remove Python from this image to reduce the footprint. Note, that this can only be achieved if yum/dnf AND cloud-init are replaced by other solutions as explained in the above points.

It should be noted that most of these tools are currently under heavy construction but might be ready in time. If they are, it's still up to discussion whether they will be included. If they aren't, we might punt them to F22 or later. Either way, they won't impact the completion of this change's main goals and are only listed for completeness' sake.

Benefit to Fedora

  • Users get a quick and easy way to use/try Docker (containers) in their favorite IaaS cloud.
  • Our answer to CoreOS.
  • Easier for Docker fans to become fans of Fedora, too.

Scope

Regarding the core objective, it's just about creating a new kickstart file (probably even %include-ing the base one) add some minor stuff and make sure it gets built into a new image.

Also, for added security, we'd like to see Docker and SELinux integrate better. There's already work going on about this.

The bonus objectives (i.e. leading edge approaches) further require:

  • ostree to work with SELinux
  • Creating a filesystem tree for ostree that equals the filesystem of the image as created by traditional means
  • min-metadata-service to gain the ability to execute scripts just like cloud-init does
  • CoreOS' cloud-init or other alternatives to be packages (and possibly tailored) for Fedora

Upgrade/compatibility impact

N/A (not a System Wide Change)

How To Test

N/A (not a System Wide Change)

User Experience

N/A (not a System Wide Change)

Dependencies

N/A (not a System Wide Change)

Contingency Plan

If any of the bonus objectives fail to make it in time, we simply go on without them and use the established mechanisms (i.e. what F20 did or what the F21 Fedora Base Cloud Image does) instead.

If all fails, there simply won't be a Fedora Docker Cloud Image product for F21.

  • Blocks product? Yes, Docker Cloud Image (duh!)

Documentation

N/A (not a System Wide Change)

Release Notes

New Fedora product: Fedora Docker Cloud Image!

Docker is an easy to use interface for running application containers on Linux. Fedora is uniquely positioned to provide the best platform for Docker, since this container technology is not a security solution, but can be made reasonably secure when wrapped with SELinux.

TODO: include notes if any of the bonus objectives are included.