[Samba] moving DC to new hardware

Sven Schwedas sven.schwedas at tao.at
Wed Feb 3 14:51:33 UTC 2021


On 03.02.21 14:45, Marco Gaiarin via samba wrote:
> Mandi! Stefan G. Weichinger via samba
>    In chel di` si favelave...
> 
>> I once considered running a DC in a docker container ...
> 
> I don't know docker, but if is similar with linux container (LXC), make
> a note that you CANNOT use a 'unprivileged container' for a DC, because
> samba need a 'real' root user to manage extended attributes in
> filesystem.

We run ours in systemd-nspawn containers, which isn't much different 
from LXC, works fine. Better than the VMs we had before, subjectively.

Docker is probably the wrong container tool for DCs, its "containers 
must be ephemeral" approach does *not* mesh well with all the various 
persistent bits and pieces you need and the delicacy of Samba upgrade 
procedures…

-- 
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas, Tech Lead
✉ sven.schwedas at tao.at | ☎ +43 680 301 7167
TAO Digital   | Teil der TAO Beratungs- & Management GmbH
Lendplatz 45  | FN 213999f/Klagenfurt, FB-Gericht Villach
A8020 Graz    | https://www.tao-digital.at

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20210203/2dd2353d/OpenPGP_signature.sig>


More information about the samba mailing list