That's what I want to say, thank you!

I want to combine different software in containers in a docker-compose-like way. It's more similar to a system container than a `guix environment` container.

I'm not a Docker hater, but Docker will corrupt your iptables entry and make the system impure. If you wanna use iptables-service-type and docker-service-type together, when you run `herd restart iptables`, all Docker-specific rules will be erased.

> Supposing that we've developed some system container that starts a service
> on port N. If we want to run another instance of the same container, we
> first need to override the port number for the service in our
> operating-system, otherwise the service in the second container will fail
> to bind to port N in the shared network namespace. With a couple of
> one-service containers this may not be so hard, but system containers in
> general could have lots of services, and the authors of individual
> containers may not want to worry about choosing port numbers that are
> mutually disjoint from those in all other containers (and those used by the
> container host itself).

-- 
Retrieve my PGP public key: https://meta.sr.ht/~citreu.pgp

Zihao