There are some images that still use supervisord. We need to migrate those to systemd. One example: https://github.com/fedora-cloud/Fedora-Dockerfiles/tree/master/lighttpd
See also: https://fedorahosted.org/cloud/ticket/122
Will start working on that and send PR for some of those images.
+1 to this ticket, but note that systemd does not work in container ATM: https://github.com/fedora-cloud/docker-brew-fedora/issues/24
currently containers running systemd have to be created with the --privileged flag, i think this can be a problem from the security standpoint if it's not well understood by the user
The --privileged option is not needed. If it is, it's a bug and needs to be reported.
Replying to [comment:4 ichavero]:
I don't think that we have to run container with --privileged mode because yesterday I did experiment and seems like we can run it without such flag.
Docker image of f22 apache with systemd :- https://hub.docker.com/r/kumarpraveen/fedora-apache/
if your provide more detail about where did you face such issue that would helpful.
Another thing is I also updated lighttpd dockerfile to run it with systemd instead of supervisor and currently on my git forked branch. I have to check mounted stuff other than that it works as expected.
Repo: https://github.com/praveenkumar/Fedora-Dockerfiles/tree/f22/lighttpd
Replying to [comment:6 kumarpraveen]:
That dnf -y update and systemctl mask systemd-remount-fs.service seems redundant since you use kumarpraveen/fedora-systemd which already include it.
Replying to [comment:8 adelton]:
Replying to [comment:6 kumarpraveen]: Docker image of f22 apache with systemd :- https://hub.docker.com/r/kumarpraveen/fedora-apache/ That dnf -y update and systemctl mask systemd-remount-fs.service seems redundant since you use kumarpraveen/fedora-systemd which already include it.
Yes right, I will update it, this is only to making sure service is working as expected.
Replying to [comment:9 kumarpraveen]:
I believe fedora:22 should be updated -- you should probably avoid running 'dnf update -y' in your Dockerfile (based on 'container-best-practices').
chapter 5 in: [https://github.com/projectatomic/container-best-practices/blob/9cbc746f8c3474b5e46836714b34c903b02b59a1/content/general_guidelines/general_guidelines.adoc]
Replying to [comment:10 praiskup]:
Replying to [comment:9 kumarpraveen]: Yes right, I will update it, this is only to making sure service is working as expected. I believe fedora:22 should be updated -- you should probably avoid running 'dnf update -y' in your Dockerfile (based on 'container-best-practices').
Ah, I didn't know that. My understanding is base image not always updated since packages update happen more frequently which might not get into base image. Good that you pointed out, I will get rid of that also.
https://github.com/fedora-cloud/Fedora-Dockerfiles/pull/161 Please review and let me know your suggestion/comments.
scollier can you review?
We are review this ticket again in February as decided in the cloud wg meeting on 2015-01-06.
closing this Dockerfiles ticket as we are now using the Fedora build system to build containers and they are going through review.
Metadata Update from @dustymabe: - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.