github.com/containerd/containerd@v22.0.0-20200918172823-438c87b8e050+incompatible/reports/2017-04-28.md (about)

     1  # Development Report for April 28, 2017
     2  
     3  Sorry for the slow reports lately.  Last week was Dockercon and many people inside Docker and external contributors where in Austin for the week.  It was a long week and we didn't get much work done on the project but it was good meeting everyone IRL and putting a face to the github handle.  Also, thank you to everyone that stayed a day late to attend the summit on Thursday.  You can see the summit notes at the bottom of this report.
     4  
     5  ## New Projects to the Org.
     6  
     7  We are looking to move some of our dependencies used by containerd into the org.  We want to have a simple maintainer model for containerd and any other repository that is added to the org.  Basically, if you are a maintainer of containerd, you are a maintainer on all of the repos.  We don't want to have separate maintainers for the various parts as we should all share the responsibility for quality and stability for the project as a whole.
     8  
     9  We have an issue on github discussing the various projects that we want to add.  If you have any feedback please let us know on the issue below.
    10  
    11  [projects!](https://github.com/containerd/containerd/issues/772)
    12  [process](https://github.com/containerd/containerd/pull/779)
    13  
    14  ## Darwin/BSD Port
    15  
    16  Justin has begun work on porting over containerd to Darwin and BSD.  `ctr` compiles and there were a few changes in terminal handling that had to be made but overall its going fairly smooth.  You can ping @justincormack for more information or if you are interested in working on something like a BSD jails port of `runc`.
    17  
    18  ## Introspection
    19  
    20  @AkihiroSuda has been working on introspection RPCs to make sure consumers know the services and features that they are interacting with.  There is still a lot to consider when exposing service versions, containerd versions and functionality; if you have any input you can take a look at the current PR [here](https://github.com/containerd/containerd/pull/776).
    21  
    22  ## Expanded Registry Support
    23  
    24  @dmcgowan has been working on expanding registry support with authentication in [783](https://github.com/containerd/containerd/pull/783).  This expands registry support for gcr.io, Dockerhub, and local registries.
    25  
    26  
    27  ## Task List for week of May 1
    28  
    29  So, now that we are all back from Dockercon and not rested at all, what's on the agenda for next week?
    30  
    31  * Docker Integration Pass
    32  	- Replace the current v0.2.x branch of containerd in Docker for execution with the 1.0 execution service
    33  * Converge Event Handling
    34  * Move new projects into containerd organization
    35  * New Layer creation for supporting build
    36  * Continue work on metadata service
    37  	- container
    38  	- layer
    39  	- image
    40  	- namespace support
    41  
    42  If are you looking for areas to contribute to containerd just take a pass through the issue tracker.  There are issues such as [770](https://github.com/containerd/containerd/issues/770) that could use some help in solving as well as other.  Also feel free to stop by the slack channel for containerd to chat and find ideas on what needs to be developed next.
    43  
    44  ## containerd Summit Notes
    45  
    46  Here are the notes from the containerd summit that was held after Dockercon.  If there are important to you and you would like to start working on a feature, fix, request, please go ahead and open an issue on github.  Just remember, we shouldn't have to have a summit to get things into containerd.  Open issues, disscuss with other members of the community and write the code ;)
    47  
    48  * “Since containerd is one of the bottom bricks in the stack, how can we setup automated integration tests for consumers of containerd?”
    49  	- Looking for others to provide compute (testing within Docker, K8s, Microsoft)
    50  	- Would we publish results of integration tests, not likely per PR
    51  	- K8s had a similar problem, solved by pushing builds to buckets and creating dashboards from results pushed back to buckets
    52  	- Need tests for projects containerd is integrated with (Windows, runv), testing containerd connection to shims
    53  * “We'd like to propose an Authorization plugin to containerd that would allow an external component to police events like container start & stop (and have a discussion about the best way to go about it)”
    54  	- Need to look into how it could be implemented with containerd
    55  	- Possible to be done by MITM the GRPC socket
    56  	- Currently seen as out of scope for server, can be done via client (or proxy), we could build a client package to support this so it does not have to be implemented by each integrator.
    57  	- Currently only unix socket allowed which prevents unauthorized access
    58  * “Should containerd provide image filesystem metrics? If yes, what metrics should be included? How to implement that?”
    59  	- Previously discussed, yes, PR to provide this information through the snapshot interface.
    60  	- Figuring out what is being shared, could figure out it from mapping layers to images
    61  * “Support for disk quotas: How? What is the role of containerd? How is it going to be integrated with volume managers that want to be in the same quota group?”
    62  	- Expanding question, “will each snapshot driver have a quota system? What is the granularity, per container, global?”
    63  	- Stephen’s hope is that quota management can be done based on the returned mounts, otherwise need to figure out quota abstraction
    64  	- Could we rely on work being done for volumes with CSI
    65  	- Need to open up issue to discuss project quotas and general snapshot quotas
    66  * “Checkpoint/Restore: how can we support more use cases? One of the big issues here is the large number of options that can be passed to CRIU.”
    67  	- Not currently in Containerd, requires runc update as well
    68  	- Need to figure out a way to pass in options opaquely
    69  	- Needs to be discuss with Michael for what best solution for runc will be
    70  	- Today caller must know runtime since runtime spec is passed opaquely on create to runtime
    71  * “How to support multi-OS docker images, for example, Linux Vs Windows using one graph driver plugin properly?”
    72  	- From looking into implementing linux containers on HyperV
    73  	- Missing options when creating rootfs to specify the snapshot driver
    74  	- Containerd will support running multiple snapshotter
    75  	- Timeline, Docker will first use update runtime after stabilizing
    76  * “Containerd is acting as init system in LinuxKit, is there a plan to support what init systems support”
    77  -	 Containerd was not implemented as an init system, we are not trying to compete with it. A higher level init system could be implemented with it.
    78  * “Will containerd be able to leverage runtime plugins specified within Docker?”
    79  	- Docker would have to orchestrate re-configuring containerd with the new runtime
    80  	- Currently cannot hotswap plugins, runtime and shim are built in
    81  	- Would require defining plugin interface or getting go 1.8 plugins working
    82  	- We could have a plugin which connects to a grpc address
    83  	- Resolved in rocket by first allowing downloading a runtime and running it as privileged
    84  	- Need to open up an issue to discuss this
    85  * “What do we want from orchestrator who are looking at integration?”
    86  	- Feedback is biggest
    87  	- Currently targeting K8s and SwarmKit to keep API grounded
    88  	- Starting PoCs now, we have already made changes based on early feedback