Docker container with Centos 7 and systemd

centos systemd docker

15,697

Solution 1

I got a working container with https://hub.docker.com/r/centos/systemd/

docker build --rm --no-cache -t c7-systemd-off c7-systemd-off

Dockerfile:

    FROM centos/systemd

    RUN echo "myproxy" >> /etc/yum.conf
    RUN yum -y install httpd; yum clean all; systemctl enable httpd.service

    EXPOSE 80

    CMD ["/usr/sbin/init"]

docker run --privileged --name c7 -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 -d c7-systemd-off
docker exec -it c7 /bin/bash

Solution 2

While you can run a service using systemd in a container, I agree with xenoid's comment that you shouldn't. And unless you need CentOS, you can use one of the official images from Apache:

https://hub.docker.com/_/httpd

If you need CentOS, that's on Docker Hub too:

https://hub.docker.com/r/centos/httpd-24-centos7

From the source you can see that Red Hat themselves aren't running it using systemd either:

FROM centos:centos7

# RHSCL httpd24 image.
#
# Volumes:
#  * /opt/rh/httpd24/root/var/www - Datastore for httpd
#  * /var/log/httpd24 - Storage for logs when $HTTPD_LOG_TO_VOLUME is set
# Environment:
#  * $HTTPD_LOG_TO_VOLUME (optional) - When set, httpd will log into /var/log/httpd24

EXPOSE 80
EXPOSE 443

COPY run-*.sh /usr/local/bin/
RUN mkdir -p /var/lib/httpd24
COPY contrib /var/lib/httpd24/

RUN rpmkeys --import file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 && \
    yum -y --setopt=tsflags=nodocs install https://www.softwarecollections.org/en/scls/rhscl/httpd24/epel-7-x86_64/download/rhscl-httpd24-epel-7-x86_64.noarch.rpm && \
    yum install -y --setopt=tsflags=nodocs gettext hostname bind-utils httpd24 httpd24-mod_ssl && \
    yum clean all

# When bash is started non-interactively, to run a shell script, for example it
# looks for this variable and source the content of this file. This will enable
# the SCL for all scripts without need to do 'scl enable'.
ENV BASH_ENV=/var/lib/httpd24/scl_enable \
    ENV=/var/lib/httpd24/scl_enable \
    PROMPT_COMMAND=". /var/lib/httpd24/scl_enable"


VOLUME ["/opt/rh/httpd24/root/var/www"]
VOLUME ["/var/log/httpd24"]

ENTRYPOINT ["/usr/local/bin/run-httpd24.sh"]
CMD ["httpd", "-DFOREGROUND"]

15,697

T. Kryazh

Updated on September 18, 2022

Comments

T. Kryazh almost 2 years
I'm trying to run centos+systemd Docker container as described here https://hub.docker.com/_/centos/.
1. docker build --rm -t local/c7-systemd c7-systemd
Dockerfile:
```
    FROM centos:7
    ENV container docker
    RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
    systemd-tmpfiles-setup.service ] || rm -f $i; done); \
    rm -f /lib/systemd/system/multi-user.target.wants/*;\
    rm -f /etc/systemd/system/*.wants/*;\
    rm -f /lib/systemd/system/local-fs.target.wants/*; \
    rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
    rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
    rm -f /lib/systemd/system/basic.target.wants/*;\
    rm -f /lib/systemd/system/anaconda.target.wants/*;
    VOLUME [ "/sys/fs/cgroup" ]
    CMD ["/usr/sbin/init"]
```
1. docker build --rm -t local/c7-systemd-httpd c7-systemd-httpd
Dockerfile:
```
    FROM local/c7-systemd
    RUN echo "myproxy" >> /etc/yum.conf
    RUN yum -y install httpd; yum clean all; systemctl enable httpd.service
    EXPOSE 80
    CMD ["/usr/sbin/init"]
```
1. docker run -ti --cap-add SYS_ADMIN --security-opt seccomp:unconfined -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/c7-systemd /bin/bash
I have also tried with --privileged but every time I get this:
```
    [root@e29ecfb082d8 /]# systemctl status
    Failed to get D-Bus connection: Operation not permitted
```
I'm running it in Cygwin, Docker version 18.03.1-ce, build 9ee9f40 (Docker for Windows).

Could you please say if there are any ways to get a working centos7+systemd container with this configuration?
- xenoid about 6 years
  
  Running the service inside the container goes against the philosophy of containers.... You run Apache with a container whose CMD or ENTRYPOINT is httpd itself. Something outside the container (which can be a service) handles startup/restarts if necessary. Also, there are Apache images; no need for the Centos luggage.
FilBot3 over 5 years

Would you happen to have an example of how to run this in docker-compose?
mBrice1024 over 4 years

Using systemd in a container is a convenient way to test Ansible roles that install systemd services.
bmaupin over 4 years

@NicolaMusatti That seems like a great use case. My answer was more directed at using systemd in a container for deploying an application. But even so, I know there are some who advocate doing so.