On Fri, Dec 11, 2015 at 12:33 PM, Joe Brockmeier <jzb@xxxxxxxxxx> wrote: > On 12/11/2015 02:23 PM, Chris Murphy wrote: >> >> These I have running in a fedora container. lspci mostly works, but >> getting full -vvnn detail requires --privileged=true. And the other >> three require it. iotop additionally needs --net=host. I'd be OK with >> them just being available in a container, but it might make more sense >> to just include them in the atomic ISO installation, maybe even >> borrowing a list from the Server product? > > We want, as much as possible, to keep the image small and run all the > things in containers where possible. > > If there's something where that just won't work, or is ludicrously > difficult, we should discuss including it. I think these may be needed in the ISO: cryptsetup - needed to boot encrypted devices rng-tools - this includes rngd, seems useful for all containers esp in a cloud context. Even with --privileged=true I get: # systemctl start rngd Failed to get D-Bus connection: Operation not permitted # systemctl status rngd Failed to get D-Bus connection: Operation not permitted Also, a way to separate kernels from the rest of the current tree. Right now I'm on atomic 23.29, the previous tree I have installed is way back to 23 (because it's an ISO installation), but I'm encountering a kernel regression. It's very suboptimal to have to rollback everything to 23, rather than just the kernel. Stepping the kernel forward independently from the cloud atomic host tree is maybe even better in some instances than rolling back. -- Chris Murphy _______________________________________________ cloud mailing list cloud@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/cloud@xxxxxxxxxxxxxxxxxxxxxxx
