Nice article.
I would like to stress that docker is intended to be
process container not system container.
In adeal (aka. Fictional unicorn) containers you
would have a single process. Your start.sh should exec (to
replace the shell) the application ("exec node ." Or "exec java
-jar start.jar")
Many applications does not fit such restrictions.
People end up using things like supervisord (a python script
that manage multiple processes ) but of course it won't work out
of the box. One need to rewrite services into its .ini format.
We have seen many fake systemds that are not 100%
compatible.
Having real systemd would make dockerizing such apps
a trivial job.
I would love if real systemd that just work. that
fail gracefully for example when it does not have cgroups
mounted it would just ignore cgroups-related directives.
I wish if I just run
docker run -dt fedora-systemd
Without any -v
How far are we from this?
We have it now, that is what isĀ talked about in the end of the
article, oci-systemd--hook.