Created
December 18, 2017 06:42
-
-
Save aryak007/95a68e06ca01756dbde2ac295fe240f6 to your computer and use it in GitHub Desktop.
Docker Notes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| My guess is that you're running a non-privileged container. systemd requires CAP_SYS_ADMIN capability but Docker drops that capability in the non privileged containers, in order to add more security. | |
| systemd also requires RO access to the cgroup file system within a container. You can add it with –v /sys/fs/cgroup:/sys/fs/cgroup:ro | |
| So, here a few steps on how to run CentOS with systemd inside a Docker container: | |
| Pull centos image | |
| Set up a docker file like the one below: | |
| FROM centos | |
| MAINTAINER “Yourname" <youremail@address.com> | |
| ENV container docker | |
| RUN yum -y update; yum clean all | |
| RUN yum -y install systemd; yum clean all; \ | |
| (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ | |
| rm -f /lib/systemd/system/multi-user.target.wants/*;\ | |
| rm -f /etc/systemd/system/*.wants/*;\ | |
| rm -f /lib/systemd/system/local-fs.target.wants/*; \ | |
| rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ | |
| rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ | |
| rm -f /lib/systemd/system/basic.target.wants/*;\ | |
| rm -f /lib/systemd/system/anaconda.target.wants/*; | |
| VOLUME [ “/sys/fs/cgroup” ] | |
| CMD [“/usr/sbin/init”] | |
| Build it - docker build --rm -t centos7-systemd - < mydockerfile | |
| Run a container with docker run --privileged -ti -e container=docker -v /sys/fs/cgroup:/sys/fs/cgroup centos7-systemd /usr/sbin/init | |
| You should have systemd in your container |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment