On Wed, Feb 17, 2016 at 10:44:52AM -0500, Daniel J Walsh wrote:
>
> Right but your install script could communicate with docker to create a
> container.
> IE You separate out the act of running the install script from the
> actual creation of the
> container.
>
> You install.sh could execute
>
> docker create -h ipa.execample.com FOOBAR
This would have to be
chroot $HOST docker create -h ipa.execample.com FOOBAR
right?
Is invocation of the docker (client) from inside of the INSTALL
container recommended practice that we plan to support long-term?
The container running the install.sh would need to be --privileged,
to populate content on $HOST and call the docker command, and the
second container could then be unprivileged, calling something like
install-unprivileged.sh in the image.
I like the approach, I'm only worried if we are ready to support it
long term.
--
Jan Pazdziora | adelton at #ipa*, #brno
Sr. Principal Software Engineer, Identity Management Special Projects, Red Hat
