[atomic-devel] I would like to discuss a new IMAGE label to indicate whether an image is a --system image.

[Daniel J Walsh <dwalsh redhat com>]

Giuseppe Scrivano has been introducing the concept os system containers. 

https://github.com/giuseppe/atomic-oci-containers

These are containers pulled to a host using the skopeo via the atomic
install command. 

They get installed onto an ostree on /var/lib/containers/atomic.

They install system unit files, and use runc to launch the container. 
The original reason

for them was to install container image software on the host which was
needed to be run

before a container runtime was executed like docker.  We have now begun
experimenting

on running the "docker daemon" inside of a system container.  The nice
thing about system

containers is that they give us an easy way to add software to atomic
host but they would work

just as well on a standard operating system.


You can play around with the docker system container using

systemctl stop docker

atomic install --system gscrivano/docker-fedora

systemctl start docker

The --system options tells atomic to install this using the "system" method.


Now you have docker running in a system container rather then running
natively on your host.


One problem I have with this is forgetting to use the --system flag when
installing the container.

I would like to add a LABEL to the image that would tell atomic command
to install using the --system

method.  This label would not be a generic label, since other tools
might not implement the concept of a

system container.  I guess we could add a label like

LABEL org.projectatomic.atomic.type=system

Then this would cause atomic to use the --system flag?

Thoughts on this label?