On Tue, 31 Dec 2024, at 17:16, JH Foo wrote: > Not sure if this is a jail or podman thing: I'm learning about running > apps in Podman, and the recommendation seems to be to include a CMD in > Containerfile/Dockerfile. When the binary called by the CMD ends, the > jail is stopped. In the example > (https://gitlab.com/bergblume/podman-caddy-on-freebsd/-/blob/master/caddy.yml?ref_type=heads), > > Caddy is run daemonless using this technique. > > My question is: in the world of sidecars is this still the right way to > execute long-running (e.g. API) services? I'm using Bastille now and I > set up Caddy (for example) as a service in /etc/rc.conf. Is this > considered anti-pattern in Podman/OCI containers?
Yes. On FreeBSD we’ll need to figure out what the minimal dependencies are for each daemon or service. For example I’ve been experimenting with dnsdist which has a docker-style —supervised flag where it runs in foreground and spits out logging info to stdout. This runs fine, others may require a wrapper script to set the appropriate things up. Alternatively add a rc.local that never returns? Then normal rc system could be used. Something like while true do sleep 99d; done? A+ Dave
