Migrate from ubuntu + docker + docker-compose solution to FCOS

Hi all,
I have a multi container solution with several containers include several DotnetCore API and webapp containers, Nginx as reverse proxy and also PostgerSql container.
I’m running this solution on several on-premise sites. on Ubuntu with docker and docker-compose, all in one docker host. no Kubernetes or such. and everything work fine.
BUT
I’m thinking about hardening my application to be more secure and more performance pointed. I got some recommendation about FCOS.
I went to your very nice getting started web pages, read carefully and learned about and FCOS as I’m completely new to FCOS and even to Fedora.
Now, I have FCOS up and running on Azure, but I’m “Stuck” on how to run my containers all together as I do now with docker-compose.yml file.
As I understands I have 2 options:

  1. Run my docker-compose in another container with sharing of docker.socket.
  2. Run all containers one by one from the ignition file as systemd units.

I hope i didn’t wrote too much nonsense up there, my instincts tells me to go to second option but I couldn’t find any documentation how to create multi containers with same networking definition, health checks, restart definitions and so on, as I do in docker-compose.
if can someone please can shade a light about this topic and suggest me where to go and read more about that?

thanks in advanced!
Eran.

Hey Eran. Thanks for considering Fedora CoreOS.

One other option is to package layer docker-compose (i.e. the equivalent of doing sudo rpm-ostree install docker-compose). Unfortunately it does bring in a lot of python packages, which isn’t ideal, but could be a way for you to at least get started while you work towards the other two options.

As for the other two options, I’m not a huge fan of telling people to throw away their current stack unless they really want to. If docker-compose is working for you then keep using it unless you really want to move :). So give option 1. a shot. IIUC It shouldn’t be too hard at all to run docker-compose in another container on the system and share in the docker socket.

Regarding option 1, I tried it out last year and wrote about it in a Stackoverflow answer

At that time I ran docker-compose like this

podman \
 run \
  --rm \
  --detach \
  --env DOCKER_HOST=unix://$XDG_RUNTIME_DIR/podman/podman.sock \
  --security-opt label=disable \
  --volume $XDG_RUNTIME_DIR/podman/podman.sock:$XDG_RUNTIME_DIR/podman/podman.sock \
  --volume $(pwd):$(pwd) \
  --workdir $(pwd) \
  docker.io/docker/compose \
   --verbose \
   up -d