Hacker News new | past | comments | ask | show | jobs | submit login

Another issue with Docker: it does not interact well with process supervision (say systemd). The "docker run" process that you run with systemd is only a proxy for the real container process, which is started by the Docker daemon - so in reality, you have two init systems, Docker _and_ systemd. This means that many supervision features won't work (signals, seccomp, cgroups...).

rkt fixes this by not having a global daemon.

The linked article puts it well:

https://medium.com/@adriaandejonge/moving-from-docker-to-rkt...




cgroups, seccomp etc are set by docker so they do work. I think it is weird to view these as exclusively owned by the init process.

Docker works on systems without systemd (indeed, it runs on Windows), so relying on features that systemd has (currently, many are only recent additions) is not really an option.


Give it time. Once systemd runs out of Unix utilities to consume, it will inevitably turn on WinInit.exe and the Service Control Manager.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: