Giuseppe Scrivano has been introducing the concept os system containers. https://github.com/giuseppe/atomic-oci-containers
These are containers pulled to a host using the skopeo via the atomic install command. They get installed onto an ostree on /var/lib/containers/atomic. They install system unit files, and use runc to launch the container. The original reason for them was to install container image software on the host which was needed to be run before a container runtime was executed like docker. We have now begun experimenting on running the "docker daemon" inside of a system container. The nice thing about system containers is that they give us an easy way to add software to atomic host but they would work just as well on a standard operating system. You can play around with the docker system container using systemctl stop docker atomic install --system gscrivano/docker-fedora systemctl start docker The --system options tells atomic to install this using the "system" method. Now you have docker running in a system container rather then running natively on your host. One problem I have with this is forgetting to use the --system flag when installing the container. I would like to add a LABEL to the image that would tell atomic command to install using the --system method. This label would not be a generic label, since other tools might not implement the concept of a system container. I guess we could add a label like LABEL org.projectatomic.atomic.type=system Then this would cause atomic to use the --system flag? Thoughts on this label?
