James Page
2013-11-28 13:46:55 UTC
Hi Folks
I've started working on the new, stripped down, juju specific MongoDB
package that we have been discussing over the last few weeks.
I'm proposing a package structure like this:
./usr/lib/juju/bin/mongos
./usr/lib/juju/bin/mongod
No users will be created; its just the binaries; upstart and general
system configuration such as creating users will be the responsibility
of juju.
The mongod and mongos binaries will be provided in a juju namespaced
location to avoid conflicting with the standard mongodb package; v8
will be linked statically using the embedded copy of v8 in the mongodb
source code - this avoids exposing v8 generally in main and allows the
security team to manage mongodb/v8 in the context of its use with
juju, rather than in more broad general use.
The plan is that we will apply for a minor release exception for this
package, and that if need be we can update to a new major release (2.6
for example) at some point in the future without impacting the rest of
the distro by bumping the standard mongodb package.
The total compressed package size is about 7MB - expanding to about
23MB on disk.
I still need todo some work on getting the embedded v8 copy to build
for armhf (MongoDB upstream strip this out) - arm64 has been discussed
but that's going to need some work upstream to enable v8 for this
architecture.
Other bugs pertinent MongoDB/juju usage would include:
https://bugs.launchpad.net/juju-core/+bug/1208430
I'm pretty sure that running mongodb not as root will be part of the
security team signoff on the MIR review.
Cheers
James
- --
James Page
Technical Lead
Ubuntu Server Team
james.page at canonical.com
I've started working on the new, stripped down, juju specific MongoDB
package that we have been discussing over the last few weeks.
I'm proposing a package structure like this:
./usr/lib/juju/bin/mongos
./usr/lib/juju/bin/mongod
No users will be created; its just the binaries; upstart and general
system configuration such as creating users will be the responsibility
of juju.
The mongod and mongos binaries will be provided in a juju namespaced
location to avoid conflicting with the standard mongodb package; v8
will be linked statically using the embedded copy of v8 in the mongodb
source code - this avoids exposing v8 generally in main and allows the
security team to manage mongodb/v8 in the context of its use with
juju, rather than in more broad general use.
The plan is that we will apply for a minor release exception for this
package, and that if need be we can update to a new major release (2.6
for example) at some point in the future without impacting the rest of
the distro by bumping the standard mongodb package.
The total compressed package size is about 7MB - expanding to about
23MB on disk.
I still need todo some work on getting the embedded v8 copy to build
for armhf (MongoDB upstream strip this out) - arm64 has been discussed
but that's going to need some work upstream to enable v8 for this
architecture.
Other bugs pertinent MongoDB/juju usage would include:
https://bugs.launchpad.net/juju-core/+bug/1208430
I'm pretty sure that running mongodb not as root will be part of the
security team signoff on the MIR review.
Cheers
James
- --
James Page
Technical Lead
Ubuntu Server Team
james.page at canonical.com