iMX8 Debian Container

Technical Support
, , ,
1

Hello,

I am testing a new iMX8 Colibri module with debian base container but seems that the systemclt is not running. I can see it is running in the Torizon Core image but starting a container with the base image does not have systemd. Is there a container available for debian to run on IMX8 colibri module as with the iMX7 lxde:buster which everything worked fine when starting the container.

Thks
Mark

2

Greetings @bigmc,

I’m a little confused, allow me to ask some questions so I can understand the situation here.

  • Is the host systemd running on the i.MX8?
  • Do you want to run systemd in the container?
  • When you say *as with the iMX7 lxde:buster * you’re referring to systemd running in this container?

Let me start by saying if you do mean systemd running in a container then there is no error. Our recent containers do not have systemd installed/running in them by default. This is because in order to use systemd properly in a container involved various hacks and giving the container runtime privileges which are inherently insecure.

We stopped doing this after the old LXDE container in order to follow best practices.

So if I do understand this all correctly then a follow-up question I have is, why/for what purpose do you need systemd in a container?

Best Regards,
Jeremias

3

Hello,

Yes the status of the systemd is running when I check on the Torizon host Os.

Yes, we have an iMX7 Colibri module which when a container is created with lxde:buster, I check the status of systemd and it is running with no issues. We would like the same with the iMX8 debian container when started.

Yes, with iMX7 the systemd is running in the Torizon core and also in the debian container.

Yes, I have done some reading and also see that security wise it is not best practice but we have a lot of processes running and services starting and stopping in the field for our applications. When we have an issue in the field we need to quickly monitor running processes.

Do I need to build a custom container with the debian base Os and integrate systemd? or can this be added to a current container?

Thks
Mark

4

Hi Mark,

While it is possible to make such a container for the i.MX8. If I may, perhaps there is an alternative approach here where you do not need to do this.

It’s possible to architect your system using container in a way that each container only has 1 main application/process running per container. In fact this is a best practice way as to avoid one monolithic container with all your processes in it. Since each container now only has 1 process each, it becomes a matter of monitoring/managing containers rather than processes. There are tools for this such as “Portainer” which can be used to stop/start/monitor the state of multiple containers. Is this concept clear for you? I’d be happy to elaborate or clear up any parts here.

So would such a method work for the system you’re designing? Or are there other aspects to this that I’m not seeing?

Like I said the systemd in a container method is certainly possible as you’ve seen with the LXDE container, but I’d prefer for us to approach this from a " best practice approach" if possible.

Best Regards,
Jeremias