Hi Nico Kadel-Garcia! On 2014.11.09 at 12:55:08 -0500, Nico Kadel-Garcia wrote next:
> > E.g. we had a goal "use SL7 on database host, but run PostgreSQL with > > some related services inside SL6 container, until we get enough time to > > make it work on SL7 natively (after which we'll move it from container > > to base system)". > > Having nearly complete virtual host with sshd, postgresql server and > > related tools would be cumbersome in docker. This task can be solved > > with LXC, however. > > Out of curiosity: what was the problem? I'd assume that SSH, for > remote configuration management inside the container, and the actual > running service itself inside the container, would be common > configurations. First of all, it's not considered to be best practice to run sshd: http://jpetazzo.github.io/2014/06/23/docker-ssh-considered-evil/ The problem is with design, with docker you use external configuration and everything is controlled by it. You use small separate containers for each kind of service. Our usage scenario relies on multiple virtual servers, each running lots of various services, with exact configuration (network, which services to run and so on; often there is a need to stop bunch of services on one container and run then on another) controlled by chef. It works fine with KVM hosts, OpenVZ or LXC containers, but kind of conflicts with how you're supposed to use docker. Using chef client "from inside" container to change system configuration or even its purpose is very different from docker "create container for this or that service" usage pattern. -- Vladimir