Nine Internet Solutions AG<p>Solve the multi-tenancy problem in Kubernetes and reduce costs at the same time? 🤔 Virtual clusters – aka vClusters – have their own API server and are therefore more powerful and better isolated than namespaces. 🚀🏝️ But that's not all: they are also much cheaper than real Kubernetes clusters. 💰 You can find all further details about our vCluster offer here <a href="https://nine.ch/products/vcluster/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">nine.ch/products/vcluster/</span><span class="invisible"></span></a> on our website. 🔗 <a href="https://mastodon.social/tags/vcluster" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vcluster</span></a> <a href="https://mastodon.social/tags/kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kubernetes</span></a> <a href="https://mastodon.social/tags/multitenancy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>multitenancy</span></a> <a href="https://mastodon.social/tags/namespaces" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>namespaces</span></a> <a href="https://mastodon.social/tags/nine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nine</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
en.osm.town is one of the many independent Mastodon servers you can use to participate in the fediverse.
An independent, community of OpenStreetMap people on the Fediverse/Mastodon.
Funding graciously provided by the OpenStreetMap Foundation.
Administered by:
Server stats:
252active users
en.osm.town: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#namespaces
0 posts · 0 participants · 0 posts today
boredsquirrel<p><span class="h-card" translate="no"><a href="https://mastodon.social/@yoasif" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>yoasif</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@mozillaofficial" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mozillaofficial</span></a></span> </p><p>Mind to explain why??</p><p>The <a href="https://tux.social/tags/seccomp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>seccomp</span></a> filter in <a href="https://tux.social/tags/flatpak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>flatpak</span></a> blocks apps from creating user <a href="https://tux.social/tags/namespaces" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>namespaces</span></a>.</p><p><a href="https://tux.social/tags/Chromium" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chromium</span></a> has a fork server and using <a href="https://tux.social/tags/zypak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>zypak</span></a> at least works as a workaround.</p><p>Firefoxes (current, since a few years) solution is to just use no sandbox, only seccomp-bpf. Chromium doesnt even launch.</p><p><span class="h-card" translate="no"><a href="https://fosstodon.org/@ublue" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ublue</span></a></span></p>
boredsquirrel<p><span class="h-card" translate="no"><a href="https://floss.social/@kde" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>kde@floss.social</span></a></span> <span class="h-card" translate="no"><a href="https://lemmy.kde.social/c/kde" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>kde@lemmy.kde.social</span></a></span> </p><p>Can you tell us what happens on the "sandbox all the things" goal?</p><p>I think this is a pretty crucial step forward, even though <a href="https://tux.social/tags/sandbox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sandbox</span></a> technologies (most often through user namespaces) are more problematic than I initially thought.</p><p>(Basically, user <a href="https://tux.social/tags/namespaces" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>namespaces</span></a> open up <a href="https://tux.social/tags/privesc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privesc</span></a> dangers to the monolithic <a href="https://tux.social/tags/kernel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kernel</span></a>, which is incredible. <a href="https://tux.social/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a> and <a href="https://tux.social/tags/ChromeOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ChromeOS</span></a> use <a href="https://tux.social/tags/LXC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LXC</span></a>, mounts and <a href="https://tux.social/tags/SELinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SELinux</span></a> for <a href="https://tux.social/tags/sandboxing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sandboxing</span></a>)</p>
lj·rk<p>So, anyone here with <a href="https://todon.eu/tags/Nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nix</span></a> and/or <a href="https://todon.eu/tags/Silverblue" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Silverblue</span></a> + a bit of deeper container/#podman and <a href="https://todon.eu/tags/namespaces" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>namespaces</span></a> knowledge?</p><p>I, again, am thinking about combining Silverblue as my base system with a more complex Nix setup to replace toolbox (which is effectively a separate whole Linux to maintain or throw away regularly, or build a CI for to create new images, etc. -- nah).</p><p>Now, Nix works fine, but it needs to store things under /nix because most binaries are prefix dependent and not portable in their location. But what if I download the nix store to $HOME/.nix instead and then launch a light-weight throw-away container/namespace that simply maps $HOME/.nix to /nix but keeps everything else identical?</p><p>Would that work? Did someone already build that stuff?</p>
OpenStreetMap Förderung BaWü<p>Development of different <a href="https://en.osm.town/tags/namespaces" class="mention hashtag" rel="tag">#<span>namespaces</span></a> in <a href="https://en.osm.town/tags/OpenStreetMap" class="mention hashtag" rel="tag">#<span>OpenStreetMap</span></a> <a href="https://taghistory.raifer.tech/?#***/motorcycle%3Arepair/&***/motorcycle%3Asales/&***/motorcycle%3Aparts/&***/motorcycle%3Aclothes/&***/motorcycle%3Arental/&***/motorcycle%3Ascale/&***/motorcycle%3Atype/&***/motorcycle%3Atyres/" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">taghistory.raifer.tech/?#***/m</span><span class="invisible">otorcycle%3Arepair/&***/motorcycle%3Asales/&***/motorcycle%3Aparts/&***/motorcycle%3Aclothes/&***/motorcycle%3Arental/&***/motorcycle%3Ascale/&***/motorcycle%3Atype/&***/motorcycle%3Atyres/</span></a><br />(showing <a href="https://en.osm.town/tags/sabotage" class="mention hashtag" rel="tag">#<span>sabotage</span></a> regarding the vehicle-related ones)</p>
OpenStreetMap Förderung BaWü<p>How often do you use <a href="https://en.osm.town/tags/OpenStreetMap" class="mention hashtag" rel="tag">#<span>OpenStreetMap</span></a> <a href="https://en.osm.town/tags/namespaces" class="mention hashtag" rel="tag">#<span>namespaces</span></a> ? <a href="https://wiki.openstreetmap.org/wiki/Namespace" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">wiki.openstreetmap.org/wiki/Na</span><span class="invisible">mespace</span></a></p><p><a href="https://en.osm.town/tags/Namespace" class="mention hashtag" rel="tag">#<span>Namespace</span></a> <a href="https://en.osm.town/tags/Syntax" class="mention hashtag" rel="tag">#<span>Syntax</span></a></p>
Boiling Steam<p>Remember Plan9: Linux Namespaces Are a Poor Man's Plan 9 Namespaces: <a href="https://yotam.net/posts/linux-namespaces-are-a-poor-mans-plan9-namespaces/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">yotam.net/posts/linux-namespac</span><span class="invisible">es-are-a-poor-mans-plan9-namespaces/</span></a> <a href="https://mastodon.cloud/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://mastodon.cloud/tags/plan9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>plan9</span></a> <a href="https://mastodon.cloud/tags/namespaces" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>namespaces</span></a> <a href="https://mastodon.cloud/tags/os" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>os</span></a> <a href="https://mastodon.cloud/tags/design" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>design</span></a> <a href="https://mastodon.cloud/tags/architecture" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>architecture</span></a> <a href="https://mastodon.cloud/tags/history" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>history</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload