Use chroot jails instead of pure unshare
Unshare has two problems. A) It still allows filesystem access, which will break under future plans involving multiple hosts, Docker, etc., so switching now allows several of these "cheats" to be found and closed now; and B) unshare is broken on CentOS and doesn't actually jail the mounts as stated by the spec.
Hence, we can't rely on bind mounting to separate the configurations of various co-existing applications (zookeeper.1 and .2, midolman .1 and .2 getting bind mounted in an unshare jail to /etc/zookeeper and /etc/midolman, etc.). Instead, we can copy all of the relevant configs to /tmp/zephyr/config1 and /tmp/zephyr/config2 (each would have its own /etc/zookeeper and /etc/midolman, etc., as well as its own /var/lib and /var/log dirs), launch a chroot jail on that specific config dir, and then bind-mount important global dirs like /usr. This would make the jail that actually runs zookeeper and midolman look like its own system, without overlapping configs or any runtime filesystem access.
When the move is made to Docker or separate hosts, this would be an easier jump if the filesystems were already jailed off.
Possible problem: chroot does NOT jail UTS (hostname, network) access. Although networks will still be jailed via the ip netns system, hostname changes would still be global unless unshare --uts is still used!
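The layout described above as a shell example (added here, not the blueprint's or the project's own code). The function names, the `DRY_RUN` switch, and the netns and hostname arguments are assumptions; with `DRY_RUN=1` the privileged commands are printed instead of run.

```shell
#!/bin/sh
# Added example: per-instance chroot jail for the plan above.
# /tmp/zephyr/configN and the zookeeper/midolman dirs come from the blueprint;
# function names, DRY_RUN, and the netns/hostname arguments are hypothetical.
DRY_RUN=${DRY_RUN:-1}   # 1 = only print privileged commands, 0 = execute them

# Print (dry run) or execute a privileged command.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# build_jail SRC JAIL: copy one instance's configs into its own root.
# SRC must hold etc/zookeeper and etc/midolman for that instance.
build_jail() {
    src=$1 jail=$2
    mkdir -p "$jail/etc" "$jail/var/lib" "$jail/var/log" "$jail/usr" || return 1
    for app in zookeeper midolman; do
        [ -d "$src/etc/$app" ] || { echo "missing $src/etc/$app" >&2; return 1; }
        cp -R "$src/etc/$app" "$jail/etc/" || return 1
    done
}

# enter_jail JAIL NETNS HOSTNAME CMD...: bind-mount /usr read-only, then start
# CMD inside the netns, a private UTS namespace, and the chroot.
enter_jail() {
    jail=$1 netns=$2 host=$3; shift 3
    run mount --bind /usr "$jail/usr" || return 1
    run mount -o remount,bind,ro "$jail/usr" || return 1
    # unshare --uts keeps the hostname change local to this instance.
    run ip netns exec "$netns" unshare --uts sh -c \
        'hostname "$1" && shift && exec chroot "$@"' sh "$host" "$jail" "$@"
}
```

chroot does not confine a process that runs as root inside it, so the jailed services should be started as an unprivileged user.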
Blueprint information
- Status: Not started
- Approver: None
- Priority: Undefined
- Drafter: Michael Micucci
- Direction: Needs approval
- Assignee: None
- Definition: New
- Series goal: None
- Implementation: Unknown
- Milestone target: None
- Started by:
- Completed by: