Start service using systemctl inside docker container

Question

In my Dockerfile I am trying to install multiple services and want to have them all start up automatically when I launch the container. One among the services is mysql and when I launch the container I don't see the mysql service starting up. When I try to start manually, I get the error: Failed to get D-Bus connection: Operation not permitted

Dockerfile:

FROM centos:7

RUN yum -y install mariadb mariadb-server

COPY start.sh start.sh

CMD ["/bin/bash", "start.sh"]

My start.sh file:

service mariadb start

Docker build:

docker build --tag="pbellamk/mariadb" .

Docker run:

docker run -it -d --privileged=true pbellamk/mariadb bash

I have checked the centos:systemd image and that doesn't help too. How do I launch the container with the services started using systemctl/service commands.

Answer 1

When you do docker run with bash as the command, the init system (e.g. SystemD) doesn’t get started (nor does your start script, since the command you pass overrides the CMD in the Dockerfile). Try to change the command you use to /sbin/init, start the container in daemon mode with -d, and then look around in a shell using docker exec -it <container id> sh.

Answer 2

Docker is designed around the idea of a single service/process per container. Although it definitely supports running multiple processes in a container and in no way stops you from doing that, you will run into areas eventually where multiple services in a container doesn't quite map to what Docker or external tools expect. Things like moving to scaling of services, or using Docker swarm across hosts only support the concept of one service per container.

Docker Compose allows you to compose multiple containers into a single definition, which means you can use more of the standard, prebuilt containers (httpd, mariadb) rather than building your own. Compose definitions map to Docker Swarm services fairly easily. Also look at Kubernetes and Marathon/Mesos for managing groups of containers as a service.

Process management in Docker

It's possible to run systemd in a container but it requires --privileged access to the host and the /sys/fs/cgroup volume mounted so may not be the best fit for most use cases.

The s6-overlay project provides a more docker friendly process management system using s6.

It's fairly rare you actually need ssh access into a container, but if that's a hard requirement then you are going to be stuck building your own containers and using a process manager.

Answer 3

You can avoid running a systemd daemon inside a docker container altogether. You can even avoid to write a special start.sh script - that is another benefit when using the docker-systemctl-replacement script.

The docker systemctl.py can parse the normal *.service files to know how to start and stop services. You can register it as the CMD of an image in which case it will look for all the systemctl-enabled services - those will be started and stopped in the correct order.

The current testsuite includes testcases for the LAMP stack including centos, so it should run fine specifically in your setup.

Answer 4

I found this project:

https://github.com/defn/docker-systemd

which can be used to create an image based on the stock ubuntu image but with systemd and multiuser mode.

My use case is the first one mentioned in its Readme. I use it to test the installer script of my application that is installed as a systemd service. The installer creates a systemd service then enables and starts it. I need CI tests for the installer. The test should create the installer, install the application on an ubuntu, and connect to the service from outside.

Without systemd the installer would fail, and it would be much more difficult to write the test with vagrant. So, there are valid use cases for systemd in docker.