The advantage of setting up a layered image called RHEL7-systemd on top of RHEL7 is that we could default the two things necessary to run a systemd container. STOPCMD and CMD. Also we could continue to work to get systemd out of the RHEL7 base container.
On 10/26/2016 02:36 PM, Ben Breard wrote: > Today, systemd is included with our 7.2 and newer base images. We are > putting the finishing touches on the work Colin started earlier this > year and plan to release a new, minimal base image. I've been toying > with the name rhel7-core, but that name sucks and will likely change. > Since the new minimal image will contain a minimal package manager, I > don't want to promote this one to be something like "rhel7", and > change the current base image to "rhel7-systemd", or other. That would > be too disruptive IMO. > > I don't see changing the default CMD to start systemd as being > problematic, but I don't see it as very advantageous either. It's > trivial to add CMD ["/sbin/init"] to dockerfile to use systemd, and > **nothing** breaks for anyone. I'm leaning towards the opt-in model > versus opt-out. Anyone want to convince me otherwise? :) > > Cheers, > > > > On Wed, Oct 26, 2016 at 6:34 AM, Daniel J Walsh <dwa...@redhat.com > <mailto:dwa...@redhat.com>> wrote: > > > > On 10/25/2016 04:30 PM, Josh Berkus wrote: > > On 10/25/2016 12:14 PM, Josh Berkus wrote: > >> On 10/25/2016 12:02 PM, Jeremy Eder wrote: > >>> When you "docker pull golang", the image is over 600MB (and > it's built > >>> on alpine). > >>> Same with docker pull java...also > 600MB. > >>> > >>> docker pull alpine is not apples:apples. If you're pulling > alpine it's > >>> because you're about to shove in a ton of other stuff. > >> Yah, I'm less concerned about the exact size as I am with the > dependency > >> graph. Currently systemd pulls in a LOT of random stuff, any > of which > >> requires various security updates. There's also the effect on > startup > >> time for calling a container which is running a > websocket-activated app, > >> or a desktop app. > > You know, though: if we're just changing the default CMD, and > NOT what > > we include in the base image, then it really doesn't break anything. > > Everyone who builds a container overrides the default CMD. > > > Right the problem is changing the default STOPCMD. > > > > > -- > > Ben Breard > Sr Technology Product Manager - Linux Containers > Mobile: 972-816-9081
