The third weekly development report. Feel free to send PRs if you want to add to these reports (or correct them).
Daniel Finneran @thebsdbox from HPE added support for building vmdk images #1357. There is discussion of extending this to producing VMX files in issue #1366.
We continued to invite people to participate; if you have any suggestions for additional people who are interested please let us know.
Welcome everyone, looking forward to your contributions and working with you. Please open issues on github if you need help, or ask on #moby in the Docker community slack.
An additional project was added for adding SELinux support, which has been on the roadmap for a while. Tycho (@tych0) from Docker is currently working on this.
A WIP PR for the HPE OKernel work was added #1373, this should be included with its runtime tools soon.
The big change this week was reworking the command line tool, so it now has moby build and moby run options. The aim of the moby run option is to cover the simple cases
where you want to test out an image you have built; it is not intended as a production tool, just as a simpler workflow for testing. The aim is to have a default option per
platform, such as the hyperkit option there is for MacOS now, so we will add Qemu/KVM support for Linux and Hyper-V support for Windows. In addition there will be support for
optional drivers, such as local VMWare Fusion, as discussed in #1357 which can have their own custom options; we will probably add the GCE
support here too to make it even simpler to run.
In addition to moby build and moby run we have previously discussed adding a moby cluster type option to simply create a cluster, by default with infrakit, essentially as a
simple infrakit wrapper. Again this is not intended for production use but just to run simple test and development cases. For production that plan is that moby build can produce
the artifacts you need for your production ops tooling.
A whole lot more code has been moved to Go code this week; in addition to the hyperkit bindings, some of the Docker containers that we were using for build have been removed. The next
change there is to rewrite the very indirect use of riddler running in a container that we started using in the old Editions code some months ago to a cleaner way. We plan to use more
image handling code from containerd in future for unpacking the root filesystems, as it should make the code much cleaner.
More test code was added by Rolf in #1363, for testing the vsock and hvsock code we use a lot in Docker Editions. Dave Tucker (@dave-tucker) from Docker is going to be working on configuring CI to run additional tests #1336, so we get solid test coverage on different platforms and can provide CI for projects and new platforms. This includes CI on both cloud and bare metal platforms, and the ability to test with VMs.
We continued to move code around the repo; not everything is in the right place yet but it should become clearer where to find things, and some unused parts were deleted. We will sprinkle READMEs around soon to help navigation.
Containerd was updated to master; while Moby runs containerd, we are actually starting system services thought runc still, as the rate of change on containerd has been very
rapid. The addition of container level Prometheus metrics to containerd this week means that we will be able to get system
container metrics out of Moby once we switch, so will try to do this soon.
There was some more documentation added this week, but this continues to be a priority. We cleaned up some old issues, but more need closing.
We are all quite fond of the "moby" codename this project has had since late 2015; see the first commit for the original plan. However this has always been a temporary name, and any suggestions for a permanent one welcomed. So do not be surprised if we rename the repo at some point soon.
- there will be a talk by @justincormack on Moby (currently billed as containerd...)
- there will be a Docker Security talk with @riyazdf (
Secure Substrate: Least Privilege Container Deployment) that will highlight Moby - there will be a session and lots of time to talk at the Thursday summit - get in touch if you need an invite.