Comment by trurl42

2 days ago

> Unfortunately, though, most developers don’t even know that there are options outside of Docker, or that they’re not as “convenient”.

> Hopefully, this article has disabused some of that notion.

If that was the goal, it seems terribly complicated when compared with podman.

8 comments

trurl42

Reply
throwaway894345  2 days ago

I was thinking similarly. All of those steps to circumvent the OCI image infrastructure just to use systemd…

  • josteink  2 days ago

    OCI is for running prepackaged software in black boxes from the internet, where you have no interest or ownership of the container internals.

    Most of my containers are not like that. Well, actually none are.

    systemd-nspawn is for running your own containers, with a VM-like usage pattern (ie not immutable), deployed as part of your overall systemd based infrastructure for when the thing you need to manage is "too big" to be deployed as its own systemd-service unit, but you still want to be able "to systemd" it.

    This fits my use-case perfectly.

    • fburnaby  2 days ago

      This distinction is a more useful one that the article made. I love dockerfiles and immutability, but there are good cases for mutable containers, too.

      2 replies →

    • throwaway894345  18 hours ago

      I think you’re conflating packaging and runtime. OCI images are a packaging format while systemd-nspawn is a runtime. Runtimes and package formats are orthogonal.

      > systemd-nspawn is for running your own containers, with a VM-like usage pattern (ie not immutable)

      Containers aren’t immutable (OCI or otherwise). Again, I think you’re conflating images (the package formats are orthogonal) with their runtime instantiation, the container. OCI images like VM images are immutable, but containers and VMs are mutable.

      My main objection to systemd-nspawn (at least as described in the article) is that it lacks a complementary package manager (or rather, that there’s no remotely convenient way to run software packages with it) and so you have to create your containers with manual changes and dodgy bash scripts. Regardless of what runtime you use, that seems like a not-very-maintainable way to manage software.

moondev  2 days ago

Author should consider running it inside Docker for more convenient setup.

  • exceptione  2 days ago

    Never. If he wanted to go the containers route, Podman is there. There is no reason to use Docker anymore. (Only a satellite tool like docker-compose is not 1-1 compatible with podman-compose, but podman has other ways to orchestrate with systemd as part of podman vision for orchestrating.)