[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] The atomic command and setting hostname for containers

On 04/19/2016 07:21 AM, Jan Pazdziora wrote:
On Wed, Feb 17, 2016 at 10:44:52AM -0500, Daniel J Walsh wrote:
Right but your install script could communicate with docker to create a
IE You separate out the act of running the install script from the
actual creation of the

You install.sh could execute

docker create -h ipa.execample.com FOOBAR
This would have to be

	chroot $HOST docker create -h ipa.execample.com FOOBAR


Is invocation of the docker (client) from inside of the INSTALL
container recommended practice that we plan to support long-term?
The container running the install.sh would need to be --privileged,
to populate content on $HOST and call the docker command, and the
second container could then be unprivileged, calling something like
install-unprivileged.sh in the image.

I like the approach, I'm only worried if we are ready to support it
long term.

Either that or you embed docker inside of the container, and volume mount /run into the container.

But I like your example better. atomic install should almost always be a privileged container.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]