Good Karma Kit

The Good Karma Kit is “a Docker Compose project to run on servers with spare CPU, disk, and bandwidth.” I like the idea in principle, but it is always a complex thing to do, because if you host unknown content, you can get in trouble easily (like pirated content or worst…)

In the last projects, I get used to use K8s CronJob(s) to schedule tasks.

I am always amused on how complex K8s/Docker Swarm are, and how easy “plain” docker is.

Bullet points:

1. 1979: Unix V7 Introduced the chroot command to isolate the filesystem a process "access" to.
2. Various technology was introduced up to 2006, like Virtuozzo (which patched Linux in a proprietary ways)
3. 2006: Process Containers Launched by Google in 2006 was designed for limiting, accounting and isolating resource usage (CPU, memory, disk I/O, network) of a collection of processes. It was renamed “Control Groups (cgroups)” a year later and eventually merged to Linux kernel 2.6.24.
4. 2008: LXC LXC (LinuX Containers) was the first, most complete implementation of Linux container manager. It was implemented in 2008 using cgroups and Linux namespaces, and it works on a single Linux kernel without requiring any patches.
5. 2013: Docker Docker used LXC in its initial stages and later replaced that container manager with its own library, libcontainer. Docker offered a way to configure and manage containers, i.e a standard de-facto for this technology. As you see Docker was based on cgroups and LXC, seven-years old technologies
6. On September 2014 Google published the first release of Kubernetes
7. In 2015 Docker, CoreOS and others founded the Open Container Initiative's (OCI). K8s does not need docker anymore to work, but Docker traction is still strong.

References:

My true personal opinion based on what customers asks and what co-worker uses:

In this second article, I suggest to explore further two simple helm chart for getting a bit more inside K8s.

K8s is a very complex beast. But it give you a very good set of security defaults, and it is also a very well done implementation of a microservice application.

Misterio is a  docker-compose based Ansible alternative.

Why

[UPDATED 21/3/2022]

I have a shiny mail server on gioorgi.com. I decided to manage it on first person because it is important to have tight control on your email, in my humble opinion. It is not strictly necessary, but lending your email address to big company like Googles, Microsoft, Yahoo and so on could be a issue if you get banned by them for whenever reason.