[ale] Hey! Meeting week!

Tue Jun 14 17:21:25 EDT 2016

Not certain I can make it in-person. Remote in?

I didn't memorize the presentations and SELF presentations usually require about
a month to be posted to youtube. Did take notes for myself for many of the
sessions attended. Sometimes, my notes boil down to "use A, not B" ... but I
didn't capture the "why." Sorry.

I've been on libvirt + KVM for about 6 yrs.  The newer releases have native
support for containers (which I haven't used) since none of my production
systems use containers.  If I can actually implement the security best practices
for containers, which is non-trivial, may, switch a few over to be containers. I
will NOT be grabbing any pre-build containers. THAT is certain.

After all, if the hostOS is compromised, the war is lost.

I attended almost all the container/docker/virtualization and video/photography
sessions:
https://docs.google.com/document/d/1Lsr8CMw_fZMUFA89lyQBjYSGiXRqjcs2Ug-kN_bCg24/edit?pref=2&pli=1
Also attended the Routing With Linux session. This was based on the Ars article.
Basically, he used a small Ubuntu Linux, manually turned it into a router, added
about a page of iptables rules and said it was faster after doing some
throughput testing.  iperf testing didn't count; something about really pusing
data through that makes the cheap routers fail though iperf shows them handling
GigE performance without issue. Had some good reasons to prefer a current,
maintained, Linux distro over pre-made BSD router distros like pfSense.

On 06/14/2016 03:48 PM, Phil Turmel wrote:
> Yes, please.  And I'm prepared to talk about libvirt, virt-manager, and
> virt-viewer for desktop usage.
> 
> On 06/14/2016 07:26 AM, Jim Kinney wrote:
>> Bring it!
>>
>> On Jun 14, 2016 4:52 AM, "DJ-Pfulio" <djpfulio at jdpfu.com
>> <mailto:djpfulio at jdpfu.com>> wrote:
>>
>>     On 06/13/2016 11:21 PM, Jim Kinney wrote:
>>     > We have a group panel discussion. Something about Linux and
>>     virtual systems and
>>     > a whole list of ideas. Time to panic and pull this together.
>>     >
>>
>>     Would it be worth hearing about SELF? There were at least 4 sessions on
>>     containers and docker - it will change the way I deal with
>>     containers completely
>>     - mainly from a security perspective.