‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, March 8, 2021 1:39 PM, L A Walsh <suse@tlinx.org> wrote:
> A pod? What is a pod? Only place I've heard that term is meaning 'Plain-Old-Documentation' as used in Perl.
I run MicroOS, which is a highly secure project of openSUSE -- an immutable OS -- and it is designed to run podman containers. One of the innovations of podman is the ability to create secure 'pods', which are a container-of-containers with its own internal network. I've since discovered that the pod's internal localhost network obviates the need to assign a static IP for my email pod's DNS server container. It simply listens on the pod's localhost.
> It seems it is not a bootable or autostart-able image as you talk about it being "rootless" as well as "not auto-starting on boot".
Starting a pod and its containers 'rootless' (as a user) enhances security further. I've since discovered that there's a function in podman which will generate a systemd service specific to a pod or container, which can be en/disabled.
> Are you talking about some type of VM? Using docker? with some specific SW (mailu/postfix)?
I'm running MicroOS in a KVM VM, and am translating Docker's advanced mailu/postfix image to run in Podman as a pod with containers in it running the various functions like postfix, dovecot, spamd, clamav, unbound, etc., all interacting within the pod, and with only strictly necessary interaction with the outside. So this VM will be my new email server, IF I can figure out how to make it work. I already have notes of what I believe to be 80% of the procedure.

A caution about MicroOS -- almost no one knows the secrets to making it perform work. #suse is clueless as is this listserv, and there is no #microos yet. I hear I should join the Discord discussion, but Discord has always been too finicky to use for me. Literally everything I know I've had to figure out on my own. There is a learning curve to MicroOS. But My God... It's Full Of Stars.
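
The rootless pod setup described in this message, sketched as an added example that is not part of the original post: a pod whose members share one loopback interface, followed by systemd user units for it. The pod name, image names and host port are constructed placeholders, and `podman generate systemd` is assumed to be the unit-generating function the message refers to.

```shell
#!/bin/sh
# Added example. Pod name, image names and host port are constructed
# placeholders, not values from the original message.
POD=mailpod
DNS_IMAGE=localhost/example-unbound:latest   # hypothetical image
MTA_IMAGE=localhost/example-postfix:latest   # hypothetical image
UNIT_DIR="${XDG_CONFIG_HOME:-$HOME/.config}/systemd/user"

# Print each command; execute it only when APPLY=1.
run() {
    printf '%s\n' "$*"
    if [ "${APPLY:-0}" = 1 ]; then "$@"; fi
}

build_pod() {
    # --dns points every member's resolv.conf at the pod's own loopback,
    # where the resolver container listens; no static IP is involved.
    # Only SMTP is published, on an unprivileged host port.
    run podman pod create --name "$POD" --dns 127.0.0.1 --publish 2525:25
    run podman run -d --pod "$POD" --name "$POD-dns" "$DNS_IMAGE"
    run podman run -d --pod "$POD" --name "$POD-mta" "$MTA_IMAGE"
}

install_units() {
    run mkdir -p "$UNIT_DIR"
    run cd "$UNIT_DIR"
    # Writes pod-<name>.service and one container-<name>.service per member.
    run podman generate systemd --files --name "$POD"
    run systemctl --user daemon-reload
    run systemctl --user enable "pod-$POD.service"
    # Lingering starts the user's services at boot, without a login.
    run loginctl enable-linger "${USER:-$(id -un)}"
}

plan() {
    # Rootless: refuse to create anything as root.
    if [ "${APPLY:-0}" = 1 ] && [ "$(id -u)" -eq 0 ]; then
        echo "refusing to run as root" >&2
        return 1
    fi
    build_pod && install_units
}

# Dry run by default; pass "apply" to execute the commands.
if [ "${1:-}" = apply ]; then APPLY=1; fi
plan
```

Run without arguments, the script only prints the commands so they can be reviewed before anything is created.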