Open Infrastructure

container-tools: TODO

unsorted todo list..
add @FILE@ in preseed.cfg files to reference the (base?)name of the file in the host-commands, like @NAME@

implement multiple addresses per interface

add a 'wait' option to cnt stop, so that 'cnt stop,remove -n foo' works
implement 'disabled' state in container config, show such containers as 'white' instead of red (poweroff) or green (poweron)
implement etcd as shared "registry"/configuration
look into using disk images (also: https://lwn.net/Articles/859240/)

extend cnt enter to also mount things (if container is not started, do a simple chroot, but have bindmounts/overlays etc. present)

add a container ressource usage report tool
finish switch to systemd-networkd
make reboot from within the container possible
write-out the preseed file when using debconf script in interactive mode
use locking so users can concurrently create containers (with debconf script)
cnt list doesn't align multi addresses properly
cnt list doesn't show real-time addresses

add container show command

add cnt move -s {rsync,criu} with default symlink lookup
add cnt copy
add cnt snapshot
add cnt hibernate/suspend/freeze

use random and unique string as veth name by default, not short-host

adding known bug section to container console manpage that root login doesn't work (securetty) out-of-the-box

add mac-override for a container veth
add DeviceAllow thingies as well as a hotplug add command for devices,
use https://github.com/coreos/rkt/issues/873 as inspiration
https://www.insecure.ws/linux/systemd_nspawn.html

add crudini

add lock in script to upgrade cache only when noone else is upgrading it.

add release/roadmap notes to readme.txt

add --save flag to container limits command to write 'new' limits into config automatically
add --upgrade flag to container config command to automitcally upgrade config to new formats

add description about scope of container-tools (small setups where openstack is over the top) in connection with cockpit-project

cntsh: add --enable-commands COMMAND/--disable-commands COMMAND

* add automatic network configuration on host system for bridge (debconf).
* add command for ressource simple limiting

* make shell be able to be used as an interpreter for scripts

* run/exec commands in a container:
sudo container run -n NAME [COMMANDS]

manpage:
- add config manpage

commands:
- add get/set program for config

cnt-start:
  * add a oem-config hook function.

integration:
  * criu: e.g. cnt save/restore or something
  * openstack
  * cockpit
  * libvirt
  * ostree
  * libguestfs

https://github.com/linuxfoundation/cii-best-practices-badge/blob/master/doc/criteria.md
https://github.com/lfit/itpol/blob/master/linux-workstation-security.md

random:
  * re-add caching possibility with pre-shipped tarballs
  * integrate example debian packages that contain /usr/share/container-tools/cache/*
  * add debconf question to ask for level of mac conflict check
  * add cnt 'control' user with sudo magics so that unprivileged users can
    start/stop/restart/create/destroy their containers; maybe group so that anyone in group can do it
  * add bash-completion
  * don't hardcode /var/lib/machines
  * do something about the automatic bridge+dhcpd+resolver-setup use-case

cnt-debconf:
  * include removal of backup files and such from system-build:share/hooks/*
  * make /usr/share/container-tools/includes/{$name,all} or somesuch for local includes (e.g. certs)
  * for some reason the Internal_options don't make it to debconf.default;
    probably because the 'if db_get ...' constructs don't work with set -e.
  * allow mechanism to store local packages that overwrite repository ones
  * if invoked as cnt-debconf, ask for mode (debian, progress-linux, etc.)
  * allow to have templates (that do not get modified) in /etc/cnt/debconf
  * write preseed file into /etc/cnt/debconf after cnt-debconf is done
  * create /etc/cnt/{debian,progress} and respect it depending on mode
  * save last used IP, use this +1 as default for next container
  * check for already used IPs and give a warning if a container with
    same ip already exists on the system.
  * add manpage
  * handle mac (arp; local; etc.)
  * guess bridge device
  * get rid of /bin/bash
  * don't embedd cnt config, use a template from etc
  * check if the 'no network' use case is handled properly in cnt-debconf
    should not add network entries in the container config file.
  * support /etc/cnt/debconf/$FQDN.d/*.cfg as valid preseeds
  * if exit with error, do unmount pseudo-fs (use a trap, rather than rely on flock/set +x)
  * use /etc/cnt/default.conf as an include from $container/config
  * add something like --no-delete to not delete cache/containers when
    creation failed (in order to be able to debug later on)
  * check that preseed hiearchy is correct:
    - main preseed voerwrites includes
    - first include is overwritting by second include