[tor-bugs] #21824 [Applications/Tor Browser]: Investigate using runc instead of docker
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Mar 26 15:36:08 UTC 2017
#21824: Investigate using runc instead of docker
------------------------------------------+--------------------------------
     Reporter:  boklm                     |      Owner:  boklm
         Type:  task                      |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:  TorBrowserTeam201703
Actual Points:                            |  Parent ID:  #17379
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+--------------------------------
In the rbm based build system, we are currently using docker to run the
builds in containers. We could use runc instead of docker to run the
containers:
https://runc.io/
Packages for runc are available for Debian in the jessie-backports
repository.
Ubuntu provides some base images as tar.gz, signed with gpg, that we can
use as the containers rootfs:
http://cdimage.ubuntu.com/ubuntu-base/releases/
Debian does not seem to provide the same base images. However, we can
generate some using debootstrap from an Ubuntu container.
Using runc instead of docker to start the containers would have some
advantages:
- this avoids having to trust the Debian and Ubuntu images from the docker
repository. Instead we can use an image directly from Ubuntu.
- the container images would be stored in the `out/` directory, rather
than in `/var/lib/docker`, which makes cleaning easier.
- running i386 containers with runc seems to be working. Using an i386
container would simplify the build of linux32 versions of Tor Browser.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21824>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
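
The ticket's first advantage depends on checking the signed base image before it becomes a container rootfs. The following is an added example, not part of the original ticket or of the rbm build system. It assumes the release directory carries `SHA256SUMS` and a detached `SHA256SUMS.gpg`, and that the caller supplies a keyring holding only the Ubuntu image signing key; all function names are hypothetical.

```shell
#!/bin/sh
# Added example: verify an Ubuntu base tarball, then unpack it as a runc rootfs.
# Assumptions: checksum list and detached signature are named SHA256SUMS and
# SHA256SUMS.gpg; the keyring path is chosen by the caller.

# Check the detached signature on the checksum list.
# gpgv accepts only signatures made by keys present in the given keyring.
verify_sums_signature() {
    keyring=$1 sums=$2 sig=$3
    gpgv --keyring "$keyring" "$sig" "$sums"
}

# Check that the tarball's SHA-256 matches its entry in the checksum list.
verify_tarball_hash() {
    tarball=$1 sums=$2
    name=$(basename "$tarball")
    # Entries look like "<hex>  <name>" or "<hex> *<name>" (binary mode).
    expected=$(awk -v n="$name" \
        '$2 == n || $2 == ("*" n) { print $1; exit }' "$sums")
    [ -n "$expected" ] || { echo "no checksum entry for $name" >&2; return 1; }
    actual=$(sha256sum "$tarball" | awk '{ print $1 }')
    [ "$expected" = "$actual" ] || {
        echo "checksum mismatch for $name" >&2
        return 1
    }
}

# Unpack an already verified tarball into <bundle>/rootfs, the directory
# layout a runc bundle uses.
unpack_rootfs() {
    tarball=$1 bundle=$2
    mkdir -p "$bundle/rootfs" &&
    tar -xzf "$tarball" -C "$bundle/rootfs"
}

# Whole procedure: signature on the list, hash of the tarball, then unpack.
# Any failing step stops the chain, so nothing unverified is extracted.
prepare_bundle() {
    keyring=$1 tarball=$2 sums=$3 sig=$4 bundle=$5
    verify_sums_signature "$keyring" "$sums" "$sig" &&
    verify_tarball_hash "$tarball" "$sums" &&
    unpack_rootfs "$tarball" "$bundle"
}
```

Running `runc spec` inside the bundle directory then writes a default `config.json` whose root path is `rootfs`.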