Eray Aslan: > On Tue, Dec 19, 2017 at 10:01:53AM -0500, Wietse Venema wrote: > > I suppose one approach is to make a Postfix container disposable, > > i.e. a container is never updated with a new Postfix version, but > > it is replaced with a newer one > > That is the common Docker approach. Images are immutable. > > > and it imports its queue and data directories from the host. These > > directories must of course not be imported into multiple containers. I > > don't know how to prevent that. > > That is a problem for a different layer of the stack. The sysadmin is > supposed to provide persistent storage and make sure that multiple > containers do not write to the same directory. It should not be our job > to babysit the infra. Inform and bail out if the deal is broken?
Postfix will bail out if it knows that the queue or data directory are shared, because that can result in data corruption. How do I enforce that constraint when directories are imported into a container from the host? > > Also, a Postfix container would import the logging sockets from the > > host (www.projectatomic.io/blog/2016/10/playing-with-docker-logging) > > and would set 'syslog_name = $myhostname/postfix' in the container's > > main.cf file to make logging from different containers distinct. > > Of course the logging sockets may be imported into as many containers > > as needed. > > Uhm, systemd (or any other init system) as pid 1 is not the "docker > way". It is better for docker to know when the service has stopped / > crashed etc so it can take appropriate action. So consider ditching > seperate pid 1 daemon option. THIS ARTICLE IS NOT ABOUT RUNNING SYSTEMD IN THE CONTAINER. Or any other non-Postfix daemon, for that matter. Wietse