Slashdot Mirror
Chrome OS Could Be Getting Containers for Running Linux VMs (zdnet.com)
Chromebook users may soon have a simpler way to run their favorite Linux distribution and applications on Google's Chrome OS hardware. From a report: As spotted by Chrome Unboxed, there's a newly merged commit in Chromium Gerrit describing a "new device policy to allow Linux VMs on Chrome OS." A related entry suggests support could come with Chrome OS version 66, which is due out in stable release around April 24, meaning Google might announce it at its annual IO developer conference, which starts on May 8. Developers can already use a tool called Crouton to install and run Linux on Chrome OS, but there is a security trade-off because Chrome OS needs to be switched to developer mode to use it. There's also a Crouton extension called Xiwi to enable using an OS in a browser window on Chrome OS. However, it too requires developer mode to be enabled. A recent commit suggests Chrome developers are working on a project called Crostini that may solve the developer mode problem by allowing Linux VMs to run inside a container.
Aside from any security issues, is Chrome hardware really capable of running any kind of virtualization without feeling sluggish?
+sending your data back to Google servers and selling your data for profit
The update actually states
"Add Crostini experiment to fieldtrial testing. This enables project Crostini, running Linux VM on chrome OS, for Chromium developer builds"
and makes no mention of containers.
I'd rather flash the firmware and then install Cloud Ready, Windows, and GalliumOS. Or at least I would if I cared that much about CrOS. My C720 practically always runs Windows 10, booting into GalliumOS only when I need to unfuck something Windows won't let me unfuck.
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
Modern CPUs that do virtualization on the die mean you don't need massive horsepower to do virtualization. You probably want text-mode Linux rather than a GUI in your VM unless you have extra RAM to spare, though.
You also don't need virtualization for containers.
And better yet, containers and VMs are two ENTIRELY DIFFERENT CONCEPTS.
Docker: LXI Containers
VirtualBox: Hardware Virtualization
These are NOT INTERCHANGEABLE. They may be used as substitutes for each other or in conjunction with each other, but the connotations here are WRONG. Obviously, the "editors" here are too busy blaming things on Russia and Pai to bother checking articles and summaries. Now that I have gone back and reread the summary, I noticed that msmash wrote this which means that she is purely ignorant. Sad.
Mod parent up.
ChromeOS has been Google's biggest project dud. They've suckered everyone into everything else, but their OS still is not competitive.
Plus, who would trust this? Hopefully no one who works in infosec. If anything, do the opposite: run Linux and put anything you need from Google in isolation.
Slashdot has lost its mind. Mod up.
So when do we get this in the Chrome browser?
Clearly the future of cloud web hosting is for the website to actually be hosted and run in the users browser.
In addition of testimony of other users about running Virtual Box and using VT-x CPUs extensions,
keep in mind that TFS mentions *containers*.
i.e.: sort of super-chroots that uses in-kernel features (Cgroups) to partition more than just file system directories, but every other ressources too like CPU scheduling, etc. (unlike vanilla chroot. So they are a bit more secure)
Everything runs under the same kernel (so a bit less secure than full-blown emulators like qemu, virtualbox, etc.) there's no emulation at all, and a single kernel is responsible for scheduling all the resources among containers.
So basically, containers (e.g.: LXC, Docker, etc.) are as light-weight as a chroot. You can run a couple of them even on a Raspberry Pi. Any half decent chrome book would have no problems at all.
The only actual limits would be RAM depending on how much software will be running at the same time among all the containers.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
You don't run "Linux VMs inside a container", you run processes or Linux distributions inside containers.
Most Chromebooks have pretty basic hardware like a Celeron CPU some even having a ARM CPU. Then you have like 2 to 4 GB RAM which I would say is not nearly enough to run any sort of VM even on Chrome OS. Let's face it, Chromebooks have never amounted to much because their just cloud based cheap devices. Yes a few really nice one's come out but then your faced with Chrome OS. Your better off buying a cheap Windows PC and install a Linux OS on it yourself.
I went several layers deep into TFA and I must admit, I'm still confused as to what exactly is being added to ChromeOS, so I wouldn't blame the editors here who are unlikely to be as knowledgeable about the ins and outs of virtualization, containers, UML, chroot, etc.
Here's the problem: The reports claim Google is using both terms. The commit reads this:
Clears it up right? Well, kinda, except according to the same website, crosh has recently had commands added for "running programs inside a container".
This could mean one of eleventeen things. They include:
1. Both LXC style container technology and VMWare style VMs are coming to ChromeOS.
2. Google is using the term "container" to describe some kind of lightweight VM type technology that'll appear in ChromeOS.
5. Google has no idea what VMs are and/or has no idea what containers are, and has confused them, and is planning an LXC style sandboxing environment for ChromeOS.
6. Like 5. but Google knows, it just doesn't care. 9. chromeunboxed is actually making shit up.
I have no idea what the truth is. I'm guessing 6 simply because the low spec of most Chromebooks would make 2 less likely.
You are not alone. This is not normal. None of this is normal.
Comment removed based on user account deletion
there is a need for some hardware choices for chrome os, including desktops with some expansion capabilities, that can actually run virtual machines (and without the ridiculous premium price tag of an intel core-based unit)......
or
an actual usable supported release of the software for install on *our choice* of hardware, not what google says is 'allowed'.
I know nothing about ChromeOS code. So clearly I shouldn't be surprised that I'm struggling to make since of this commit. But the size of this change seems small enough that I might expect to at least be able to make the two ends meet (the part storing and managing the new policy key and the part that reads that key and acts upon it).
https://chromium-review.google...
But I can't. All I see are things related to storing and managing the key. I don't understand how this newly created "thing" has any effect on the operation of the OS. Where is that policy checked? I assume there's some application layer outside of this structure that's acting upon the value of this new key, yes? Where could one find that?
Come on!
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
Touchscreen Chromebooks have been running android apps for about a year or so. ChromeOS has a full strength, desktop grade browser which is a much better experience than any mobile browser. Android apps are surprisingly good on ChromeOS now... Devices like Samsung's Chromebook Plus are basically what tablets want to be when they grow up. The bonus is being able to run Linux, and by adding container support, it would make that experience better and potentially much more secure than running crouton. One of the best features of ChromeOS devices is how easy to manage and restore they are compared to "full strength" OS devices.
-- $G
Container is a generic term. Solaris provides a service called Zones, which are based on FreeBSD Jails (but with a few improvements over the older Jails, such as full network-stack virtualisation and support for SysV IPC, both of which I think are now supported in FreeBSD). Linux provides a bunch of services that can be cobbled together to provide more or less the same abstractions.
I am TheRaven on Soylent News
This is Awesome! Currently using crouton, and it works well, it's just a hack. It would be exceptionally nice for it to be an officially supported feature. What other company would do this for the niche geek market? I am often tempted to boycott google products because of their work place politics and scary knowledge they posess about what I am thinking based on what I have entered into a search box... but if they keep producing things that work and are open... maybe they can have my data. Just layoff the stupid workplace politics...
So, they're making Chrome OS move toward Android. Anyone surprised?
I'm only surprised that Google can't make Chrome for Android worth half a shit, which is the only reason ChromeOS even exists. It remains grossly inferior to the real Chrome.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Android apps are surprisingly good on ChromeOS now.
Dude, do you own a Chromebook?
I have a samsung chromebook 3 and IMHO APK's on chromebook suck, at least on the graphic support, and that's the only thing you'd care about running an android application. It feels like running an android VM.
He said "now"... that might suggest that the comment is only relevant to chromebooks that have come out more recently.
File under 'M' for 'Manic ranting'
I think technically you're supposed to pay Oracle $1 each time you say, read or write the word 'container'.
Container. Container. Container.
I've got some S&P tracker ETFs so I guess that means I own some ORCL shares indirectly.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
Everyone is worth spying on. If you have $10 in your bank account, you're worth a few seconds of a robot's time to try to rip off. As Geddy Lee explained: "Ten bucks is ten bucks."
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Touchscreen Chromebooks have been running android apps for about a year or so. ChromeOS has a full strength, desktop grade browser which is a much better experience than any mobile browser. Android apps are surprisingly good on ChromeOS now.
You know else runs Android apps surprisingly good? ANDROID.
Yes, they containers and virt are different yet very related. So besides bashing the article, you should advise us of what the source changes are pointing towards.