In my network configuration, some of my Docker containers, for example DNS, need to achieve high availability with Anycast. In my previous post , I created a Busybox container and run tail -f /dev/null , in order to let it persist infinitely, but without using any CPU cycles, to maintain a network namespace used by both the server application and BIRD. In short: I invented a Pod in Kubernetes on my own. I don't use K8S, since my nodes run individually rather than in a cluster, I don't need the cluster functionality of K8S at all. In addition, K8S is difficult to set up. But on another thought, a Busybox container seems like an overkill for this purpose, and I have to set the entrypoint manually. It would be great if I have a tiny Docker image that only sleeps indefinitely. Plan A:...
Static Build Tiny Docker Images
What's stored in Docker images can be seen as numerous tiny Linux systems. Most of them are based on Debian, Ubuntu, or Alpine, with extra software installed on top. Using a complete Linux distribution as the basis gives the benefit of having commonly used commands available, such as ls and cat . They are often used in the image-building process. In addition, they have comprehensive libraries of software packages, allowing users to create images that "just work" with apt-get . However, as soon as the image is built, these utilities become unnecessary burdens for disk space. In addition, a full Linux contains a service managing daemon, like SystemD or OpenRC, useless for Docker containers running only one program at a time. Although Docker images are "overlaid",...
x32 ABI and Docker Containers
History of x86 & x86_64, and x32 ABI Most of the personal computers and servers we use nowadays use the x86_64 architecture, whose specification was released by AMD in 2000 and the first processor released in 2003. Since x86_64 is a 64-bit architecture, in x86_64, each register in the CPU can hold 64 bits of data (or 8 bytes). Before x86_64 went popular, most computers used Intel processors, and the corresponding x86 architecture / ISA, a 32-bit architecture whose registers hold 32 bit of data (or 4 bytes). One significant improvement of the 64-bit architecture is the improved memory addressing ability. Computers usually follow such a routine while accessing the memory: write the memory address to be accessed into a register,...
Sharing Network Namespace Among Docker Containers for Bird Anycasting
At exactly one year ago, I set up an Anycast service with Docker in the DN42 network (Chinese only atm) . Back then, I customized the container's image and added a Bird installation to it, then put in a config file to broadcast Anycast routes via OSPF. However, as time went by, a few problems were exposed: The process of installing Bird takes time. Instead of installing Bird with apt-get , since my Dockerfiles need to support multiple architectures (Chinese only atm) , and Bird isn't available in some architecture's repos for Debian. And since my building server is AMD64, and is running images of other architectures with qemu-user-static (Chinese only atm) , a lot of instruction translation is needed in the image building and software compilation progress, which is extremely inefficient....