|
|
[[!meta title="Replacing Vagrant?"]]
|
|
|
|
|
|
[[!toc levels=2]]
|
|
|
|
|
|
**Main ticket**: [[!tails_ticket 7526]]
|
|
|
|
|
|
Goals of our Vagrant thing
|
|
|
==========================
|
|
|
|
|
|
1. Make it easy to new contributors to build a Tails ISO.
|
|
|
2. Improve consistency between our various ways of building Tails ISOs
|
|
|
(Tails developers currently use at least 3 different build setups,
|
|
|
and our auto-builder yet another one).
|
|
|
3. Our "easy build" instructions must work at least on:
|
|
|
- Debian stable + backports
|
|
|
- Debian testing
|
|
|
4. Ideally, our "easy build" instructions should also work at least on:
|
|
|
- latest Ubuntu LTS
|
|
|
- latest Ubuntu non-LTS
|
|
|
|
|
|
What we have
|
|
|
============
|
|
|
|
|
|
* A Vagrant setup that works on a Wheezy host, and presumably on a sid
|
|
|
one too. No idea about Ubuntu 14.04 LTS and upcoming 14.10, let
|
|
|
alone other distros or non-Linux OS.
|
|
|
|
|
|
* Our Vagrant setup has many problems: [[!tails_ticket 7527]].
|
|
|
|
|
|
* What our Vagrant thing does:
|
|
|
- downloads and checks a build basebox as needed
|
|
|
- creates and configures a build VM as needed
|
|
|
- fires up a build VM as needed
|
|
|
- makes the Git tree available in the build VM (with VirtualBox
|
|
|
shared folders)
|
|
|
- run the build scripts inside the build VM, taking into account
|
|
|
various options (passed as environment variables) to accomodate
|
|
|
local needs
|
|
|
- retrieve the build artifacts from the build VM onto the host system
|
|
|
|
|
|
* Vagrant hasn't been actively maintained in Debian for a while.
|
|
|
It is part of Jessie, but that was by a very short margin. OTOH it
|
|
|
looks like its maintainer now cares much more about it.
|
|
|
|
|
|
* VirtualBox vs. QEMU/KVM:
|
|
|
- One can't run both VirtualBox and QEMU/KVM on the same system.
|
|
|
- Vagrant use VirtualBox by default.
|
|
|
- Some of us use VirtualBox, some of us use QEMU/KVM.
|
|
|
- Our infrastructure (e.g. auto-builder) uses QEMU/KVM.
|
|
|
- It seems easier to convert VirtualBox users among us to QEMU/KVM,
|
|
|
than the contrary, thanks to the larger feature set (e.g.
|
|
|
USB removable devices emulation). GNOME Boxes may make it less
|
|
|
painful for some.
|
|
|
- There's a vagrant-libvirt plugin available, not in Debian yet, see
|
|
|
the corresponding blueprint for packaging and backporting
|
|
|
challenges. That's irrelevant, though, if the vagrant package
|
|
|
itself is not very well maintained in Debian.
|
|
|
- There's a libvirt driver for VirtualBox too.
|
|
|
|
|
|
* Vagrant's upstream provides a .deb, but no proper source package
|
|
|
(they're using FPM). There's no strong cryptographic way to
|
|
|
authenticate this package after downloading it. We don't want to
|
|
|
rely on that package, nor to advertise it, for security reasons, and
|
|
|
also due to our policy to do things with/in Debian.
|
|
|
|
|
|
* Docker is seeing a lot of traction lately. It might be a better bet
|
|
|
than Vagrant on the long-term.
|
|
|
|
|
|
What others use
|
|
|
===============
|
|
|
|
|
|
* Ubuntu cloud images are built with vmbuilder, which works basically
|
|
|
at the same level as live-build. It might be useful to create and
|
|
|
maintain a builder basebox, but it doesn't provide the same glue as
|
|
|
Vagrant for downloading, managing, booting and file sharing.
|
|
|
* Same for other building cloud images for other operating systems,
|
|
|
apparently:
|
|
|
<http://docs.openstack.org/image-guide/content/ch_creating_images_automatically.html>
|
|
|
* [Vortex](https://github.com/websecurify/node-vortex/) is similar
|
|
|
to Vagrant. Only supports VirtualBox (and the Amazon cloud) as
|
|
|
of 20141130.
|
|
|
|
|
|
Plan
|
|
|
====
|
|
|
|
|
|
* Short-term: fix the Vagrant situation for the most important
|
|
|
usecases ([[!tails_ticket 7527]])
|
|
|
* Mid-term: fix the situation for real, starting with evaluating
|
|
|
`vagrant-lxc` (in Stretch, [[!tails_ticket 10232]]) and `vagrant-libvirt` (see
|
|
|
[[blueprint|blueprint/vagrant-libvirt]]). If none of those is good
|
|
|
enough, then let's give another look to Docker ([[!tails_ticket
|
|
|
7530]], [[blueprint/evaluate_Docker]]). |