Chris Marusich writes:

> Hi Ludo and others following along,

...

> Thanks for reading this far. I look forward to hearing your thoughts!

Awesome stuff Chris, I've tried this myself, on a Debian machine with Docker installed.

I struggled getting root, as su and sudo didn't seem to work, until I realised I could just replace alice with root in the "docker exec" command...

Anyway, when I got root, I could tell that the system hadn't come up correctly. The problem seemed to be related to cgroups.

    root@komputilo /# mount -t cgroup /sys/fs/cgroup/cpu
    mount: /sys/fs/cgroup/cpu: cgroup already mounted on /sys/fs/cgroup/systemd.

    root@komputilo /# herd status
    Started:
     + file-system-/sys/fs/cgroup/perf_event
     + file-system-/dev/shm
     + host-name
     + root
     + file-system-/sys/fs/cgroup
     + file-system-/sys/fs/cgroup/cpuset
     + file-system-/dev/pts
     + user-file-systems
     + root-file-system
     + file-system-/gnu/store
     + file-system-/sys/fs/cgroup/freezer
     + file-system-/sys/fs/cgroup/memory
     + file-system-/sys/fs/cgroup/devices
     + file-system-/sys/fs/cgroup/blkio
    Stopped:
     - file-system-/sys/fs/cgroup/hugetlb
     - file-system-/sys/fs/cgroup/cpuacct
     - file-system-/sys/fs/cgroup/cpu
     - guix-daemon
     - file-systems
     - syslogd
     - urandom-seed
     - nscd
     - user-homes
     - user-processes

    root@komputilo /# herd start guix-daemon
    herd: exception caught while executing 'start' on service 'file-system-/sys/fs/cgroup/cpu':
    ERROR: In procedure mount: mount "cgroup" on "///sys/fs/cgroup/cpu": Device or resource busy

I changed the %base-file-systems in the very-bare-bones system with %container-file-systems, and then things started working.

I tried without privileged mode, and got an error related to the firmware service. This isn't included when you build call operating-system-derivation with the #:container? #t argument, and sure enough I was able to get the system up without the Docker --privileged flag. I think Ludo mentioned this in his reply.

Unfortunately, while I could get a shell using "docker exec ...", I had to start the guix-daemon manually as the shepherd service didn't seem to work, at least initially. Also, when I had started it, I tried installing a package, and there was some promising output to start off with, but then it failed with:

    guix package: error: build failed: cloning builder process: Operation not permitted

Anyway, this is all pretty great! Awesome work getting this far. I'm very excited to see what services will run this way, as Docker could provide, albeit with some overhead, a layer of interoperability between software that can handle Docker containers, and Guix.

Thanks again,

Chris