
Baseimage-docker, fat containers and “treating containers as VMs” - kesor
https://blog.phusion.nl/2015/01/20/baseimage-docker-fat-containers-treating-containers-vms/
======
kesor
Apparently Docker are aware of this problem, but putting a huge Python init
process in there is just evil.

[https://github.com/docker/docker/issues/11529](https://github.com/docker/docker/issues/11529)

And the problem appears in such edge cases that it is doubtfully worthy of so
much attention. When a pid-1 process spawns daemons, that in turn leave
orphaned zombies - this pid-1 will get assigned with them. (described in 'man
7 pid_namespaces')

Supposedly this non-init pid1 is not reaping orphaned zombies, which might get
the namespace to pid_max (33k default) and run out of pids to use.

------
kesor
What I find most appaling about this, is that Phusion invented their own
problem (PID1 reaping) that doesn't even exist in reality - and they keep
banging that drum to create as much FUD as possible around something that is
completely wrong and against the actual intent of Docker (the company, the
community, the tool, the best practice, the ecosystem).

~~~
andyshinn
I've been doing stuff with Docker for a while and I have run in to issues here
and there, but never the PID reaping problem. In fact, I actually strive now
to make the application PID 1 and only run 1 process. This is specifically so
that the container will exit and the host or other scheduling logic can deal
with the event.

