Hi Nico Kadel-Garcia!

 On 2014.11.09 at 12:55:08 -0500, Nico Kadel-Garcia wrote next:

> > E.g. we had a goal "use SL7 on database host, but run PostgreSQL with
> > some related services inside SL6 container, until we get enough time to
> > make it work on SL7 natively (after which we'll move it from container
> > to base system)".
> > Having nearly complete virtual host with sshd, postgresql server and
> > related tools would be cumbersome in docker. This task can be solved
> > with LXC, however.
> 
> Out of curiosity: what was the problem? I'd assume that SSH, for
> remote configuration management inside the container, and the actual
> running service itself inside the container, would be common
> configurations.

First of all, it's not considered to be best practice to run sshd:
http://jpetazzo.github.io/2014/06/23/docker-ssh-considered-evil/

The problem is with design, with docker you use external configuration
and everything is controlled by it. You use small separate containers
for each kind of service.

Our usage scenario relies on multiple virtual servers, each running
lots of various services, with exact configuration (network, which
services to run and so on; often there is a need to stop bunch of services
on one container and run then on another) controlled by chef. It works
fine with KVM hosts, OpenVZ or LXC containers, but kind of conflicts
with how you're supposed to use docker.

Using chef client "from inside" container to change system configuration
or even its purpose is very different from docker "create container for
this or that service" usage pattern.

-- 

Vladimir