search

subuser-security / subuser

Run programs on linux with selectively restricted permissions.
http://subuser.org
GNU Lesser General Public License v3.0
890 stars 65 forks source link

ROADMAP peter1000 #61

Closed peter1000 closed 10 years ago

peter1000 commented 10 years ago

I thought you should know my plans:

I'm still not sure if docker does what I hope for:

I will invest 1or 2 more days into subuser:

Plan to implement in subuser

timthelion commented 10 years ago

Compressed images should be saved in the docker-image folder for each program I think, this makes for a pretty clear paradigm, that we have different instalation methods:

peter1000 commented 10 years ago

but than the compressed image resides with the Dockerfile and maybe other external folders files like with some shell script baseimages

Anyway: docker-image folder is fine for me

timthelion commented 10 years ago

As for my roadmap, my next todo item is this: https://github.com/subuser-security/subuser/issues/13

peter1000 commented 10 years ago

UPDATE: TODO PETER1000

==DONE thanks to tim (looks like a nice solution)

peter1000 commented 10 years ago

UPDATE: TODO PETER1000

peter1000 commented 10 years ago

UPDATE: TODO PETER1000

timthelion commented 10 years ago

I presume that basically you're just going to make a command:

subuser pack-program-for-transport program-name

Which just does docker save subuser-<program-name> and put the tarbal in programsThatCanBeInstalled/program-name/docker-image/savedImage.tar.gz

Then have it so that subuser install --from-packed-image program-name does docker load blablabla and then tags that image approprietly?

peter1000 commented 10 years ago

Yes No. I had in mind on comand: save-compressed-image as it would better describe what it does: but I'm also fine with any other name.

Which just does docker save subuser-<program-name> and put the tarbal in programsThatCanBeInstalled/program-name/docker-image/savedImage.tar.gz

Yes only in xz compressed format.

Then have it so that subuser install --from-packed-image program-name does docker load blablabla and then tags that image approprietly?

Yes: for that we needed the ImageID somewhere save: installed-package.json so that we can correctly Tag it when loading from the compressed file.

Command I planned a bit different: subuser install --from-packed-image but would be fine.

BUT: my idea was to be used like --from-cache: as an option so if it finds any needed dependency ect.. in an image it could use this: and not so much as explicating installing from it.

timthelion commented 10 years ago

Could you possibly save the imageID in the filename? Like save the images to a name of the format programsThatCanBeInstalled/firefox/docker-image/saved-image-9cc9ea5ea540.tar.gz ?

peter1000 commented 10 years ago

Might be a good idea in case the install-program.json is deleted or so :+1:

BUT: I suggest still the full ID: from your function ans not the short version: using the program name

programsThatCanBeInstalled/firefox/docker-image/firefox-image-9cd978db300e27386baa9dd791bf6dc818f13e52235b26e95703361ec3c94dc6.tar.xz

peter1000 commented 10 years ago

I'm out for today: cheers P

peter1000 commented 10 years ago

tomorrow or so:

UPDATE: TODO PETER1000

peter1000 commented 10 years ago

UPDATE: TODO PETER1000

peter1000 commented 10 years ago

Tim: what is your opinion on a global available-docker-images.json similar to the installed-programs.json

I think it would be a good idea not needing to go all the time through all subuser program folders to see which one has an saved image?

peter1000 commented 10 years ago

In such case should I but the image-registry code in a separate module or just added it to subuserlib/registry.py

timthelion commented 10 years ago

No, please do not create a global available-docker-images.json file. I would like it to be as easy as possible to add a new program to the programsThatCanBeInstalled directory as possible. It should be trivial to simply copy a folder around that has a programThatCanBeInstalled in it.

peter1000 commented 10 years ago

But that would not at all effect it: the available-docker-images.json could be rebuild

OK I can do it without it: but there will be much more code lookup and files reading needed

e.g. user wants to install 10 programs using --from-image where images available

Means for each program and each dependency: one has to look in the docker-file folder if we have an image: than read the json file for the ID so it can be Tag ect..

timthelion commented 10 years ago

On linux, reading a file multiple times is not a problem. It is the same as reading from memory due to caching.

peter1000 commented 10 years ago

ok, all in memory it is ... come later back with the code

peter1000 commented 10 years ago

with this I will start to but main functions in the prober place: subuserlib and have the command importing them: so we can get rid of subprocess callings

Do you want one module for important task functions or split them into multiple once?

Not so important now but just a question:

fro the time being I call it: subuserlib/tasks

timthelion commented 10 years ago

Split them please.

peter1000 commented 10 years ago

OK

peter1000 commented 10 years ago

Got sidetracked with the possible space issue in the docker tags.

Anyway, I must close for today - hope you can still merge the pull-reguest

Cheers P

peter1000 commented 10 years ago

TODAY: PLAN PETER1000

timthelion commented 10 years ago

Sorry for the delays in communication, I was out with my girlfriend all day walking in the woods. It seems you've done a lot of great work while I was gone. I'll try to process your pull requests as quickly as possible.

peter1000 commented 10 years ago

No Problem at all: the lady is very important :+1:

many good things still coming

peter1000 commented 10 years ago

hi, want have time for the next couple of days or so

timthelion commented 10 years ago

Just so you know. I just got webcam support working with skype!

peter1000 commented 10 years ago

:+1: