These are chat archives for KHP-Informatics/bioindocker15

4th
Nov 2015
Brad Chapman
@chapmanb
Nov 04 2015 02:28
Cool, I don't think user namespaces made it into this release. They got merged in, but it must still be in a development branch.
Michael Barton
@michaelbarton
Nov 04 2015 02:29
Has anyone used swarm for bioinformatics workflows?
Will usernamespaces solve the issue with running as root? As I understand it, the daemon will still run as root and it could be possible for a malicious process to break out of the container?
Brad Chapman
@chapmanb
Nov 04 2015 02:38
That's right, the daemon still runs as root and is subject to attacks. But with user namespaces, an individual running a docker process doesn't have root-equivalent privileges. Right now you can't even let someone run a docker process without trusting them with root.
Michael Barton
@michaelbarton
Nov 04 2015 02:38
I see, thanks for the clarification.
That is the issue we have here. We still cannot run Docker on our HPC systems because of the security issues.
Brad Chapman
@chapmanb
Nov 04 2015 02:47
Agreed. I've been waiting for user namespaces to make more of an argument for Docker locally.
Cass Johnston
@cassj
Nov 04 2015 03:40
namespaces in the experimental branch apparently - http://integratedcode.us/2015/10/13/user-namespaces-have-arrived-in-docker/
Will have a play on Rosalind next week maybe.
Stephen J Newhouse
@snewhouse
Nov 04 2015 05:52
1.9 is good news.... also compose for Windows. on another point check out https://crate.io/ : distributed databases works with containers
we should suggest swarm for bioinformatics as a hack?
Amos Folarin
@afolarin
Nov 04 2015 07:56
According to Jess Frazelle user namespaces is in experimental branch, penned in for Docker v1.10 stable
Stephen J Newhouse
@snewhouse
Nov 04 2015 08:29
1.10 should be due soonish.... Jan 2016? which is nice...
looking forward to next week.
Amos Folarin
@afolarin
Nov 04 2015 09:33
we have a few volunteers to do an advanced docker concepts tutorial: https://github.com/KHP-Informatics/bioindocker15/blob/master/README.md#hackday-tutorial-2-advanced-docker-concepts, I'll press them on User Namespaces too ... running docker in multiuser environments was probably the top requested query in our eventbrite poll.
Stephen J Newhouse
@snewhouse
Nov 04 2015 11:05
great stuff!
to all the speakers, if you havent already sent through a head shot please. We are putting together the official Conference Agenda with abstracts and bios (it looking very nice!). Thanks Steve & Amos
*send