[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] We have a bugzilla requesting that we change the default CMD to systemd for base images in RHEL



The advantage of setting up a layered image called RHEL7-systemd on top of RHEL7 is that we could default the two things necessary to run a systemd container.  STOPCMD and CMD. Also we could continue to work to get systemd out of the RHEL7 base container.


On 10/26/2016 02:36 PM, Ben Breard wrote:
Today, systemd is included with our 7.2 and newer base images. We are putting the finishing touches on the work Colin started earlier this year and plan to release a new, minimal base image. I've been toying with the name rhel7-core, but that name sucks and will likely change. Since the new minimal image will contain a minimal package manager, I don't want to promote this one to be something like "rhel7", and change the current base image to "rhel7-systemd", or other. That would be too disruptive IMO. 

I don't see changing the default CMD to start systemd as being problematic, but I don't see it as very advantageous either. It's trivial to add CMD ["/sbin/init"] to dockerfile to use systemd, and **nothing** breaks for anyone. I'm leaning towards the opt-in model versus opt-out. Anyone want to convince me otherwise? :)

Cheers,



On Wed, Oct 26, 2016 at 6:34 AM, Daniel J Walsh <dwalsh redhat com> wrote:


On 10/25/2016 04:30 PM, Josh Berkus wrote:
> On 10/25/2016 12:14 PM, Josh Berkus wrote:
>> On 10/25/2016 12:02 PM, Jeremy Eder wrote:
>>> When you "docker pull golang", the image is over 600MB (and it's built
>>> on alpine).
>>> Same with docker pull java...also > 600MB.
>>>
>>> docker pull alpine is not apples:apples.  If you're pulling alpine it's
>>> because you're about to shove in a ton of other stuff.
>> Yah, I'm less concerned about the exact size as I am with the dependency
>> graph.  Currently systemd pulls in a LOT of random stuff, any of which
>> requires various security updates.  There's also the effect on startup
>> time for calling a container which is running a websocket-activated app,
>> or a desktop app.
> You know, though: if we're just changing the default CMD, and NOT what
> we include in the base image, then it really doesn't break anything.
> Everyone who builds a container overrides the default CMD.
>
Right the problem is changing the default STOPCMD.




--

Ben Breard
Sr Technology Product Manager - Linux Containers
Mobile: 972-816-9081


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]