Evaluate viability of switching to Docker #14

Open
opened 4 months ago by DarkFeather · 1 comments
Owner

We previously had tried to replace our current 2x1U SuperMicro X8 ecosystem with a QEMU+GlusterFS cluster of 5 RaspberryPi 4's. That didn't scale enough to even boot the ArchLinux ISO.

However, a new video from Network Chuck shows using Rancher to orchestrate a Kubernetes cluster. Some of our applications may work well in a Docker environment, like TT-RSS, Gitea, etc. Some may be able to work natively on a Pi, like Emby or SFTP.

Others, though, need some more evaluation. Pipelines like Sharingan and WolfPack are complex and load intensive on their current frames. We'd also need to evaluate the syslog-ng ingest layer we'd have to add on top of our containers to make sure data is being pulled in correctly.

At the moment, this is on pause as Ubiqtorate still needs to finish going live and we need to focus on getting our cybersecurity services more ingestible for demos. We may look at a targeted migration of apps for a partial roll-out at some point. Starting this thread to record conversation and ideas.

We previously had tried to replace our current 2x1U SuperMicro X8 ecosystem with a QEMU+GlusterFS cluster of 5 RaspberryPi 4's. That didn't scale enough to even boot the ArchLinux ISO. However, a [new video from Network Chuck](https://www.youtube.com/watch?v=X9fSMGkjtug) shows using Rancher to orchestrate a Kubernetes cluster. Some of our applications may work well in a Docker environment, like TT-RSS, Gitea, etc. Some may be able to work natively on a Pi, like Emby or SFTP. Others, though, need some more evaluation. Pipelines like Sharingan and WolfPack are complex and load intensive on their current frames. We'd also need to evaluate the syslog-ng ingest layer we'd have to add on top of our containers to make sure data is being pulled in correctly. At the moment, this is on pause as [Ubiqtorate](/AniNIX/Ubiqtorate) still needs to finish going live and we need to focus on getting our cybersecurity services more ingestible for demos. We may look at a targeted migration of apps for a partial roll-out at some point. Starting this thread to record conversation and ideas.
DarkFeather added the
On-hold
RFC
labels 4 months ago
Poster
Owner

Services with available docker images:

Service we need to compose Docker images for:

Notes:

Services with available docker images: * Foundation: https://docs.gitea.io/en-us/install-with-docker/ * Geth: https://www.home-assistant.io/installation/linux#platform-installation * IRC: https://github.com/inspircd/inspircd-docker / https://github.com/anope/anope-docker * Nazara: https://hub.docker.com/r/pihole/pihole/ * Sharingan: https://github.com/Graylog2/graylog-docker * Singularity: https://git.tt-rss.org/fox/ttrss-docker-compose/src/branch/static-dockerhub/README.md * Yggdrasil: https://emby.media/docker-server.html Service we need to compose Docker images for: * [Aether](/AniNIX/Aether) * [CryptoWorkbench](/AniNIX/CryptoWorkbench) * [Maat](/AniNIX/Maat) * [TheRaven](/AniNIX/TheRaven) * [WolfPack](/AniNIX/WolfPack) Notes: * Security is likely better with our current model -- Applications are either shared safely, or are jailed to a dedicated VM. https://security.stackexchange.com/questions/169642/what-makes-docker-more-secure-than-vms-or-bare-metal * Performance is better with our current model. This may be marginal, but since we are low-cost, any performance improvement is important. * https://k6.io/blog/wordpress-bare-metal-vs-wordpress-docker-performance-comparison/ * https://www.blackvoid.club/plex-bare-metal-or-docker/ * Our current model requires less rework.
Sign in to join this conversation.
No Milestone
No Assignees
1 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Loading…
There is no content yet.