AkihiroSuda/containerized-systemd AkihiroSuda/containerized-systemd

  • Stars
    star
    121
  • Rank 292,254 (Top 6 %)
  • Language
    Shell
  • License
    Apache License 2.0
  • Created over 4 years ago
  • Updated over 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
AkihiroSuda/containerized-systemd
github

AkihiroSuda

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Dockerfile examples for containerized systemd (mainly for test environments)

Dockerfile examples for containerized systemd (mainly for test environments)

  • Dockerfile.archlinux: Arch Linux (systemd 247, as of Feb 2021)
  • Dockerfile.centos-8.3: CentOS 8.3 (systemd 239)
  • Dockerfile.debian-10: Debian GNU/Linux 10 (systemd 241)
  • Dockerfile.fedora-33: Fedora 33 (systemd 246)
  • Dockerfile.opensuse-tumbleweed: openSUSE Tumbleweed (systemd 246, as of Feb 2021)
  • Dockerfile.ubuntu-20.04: Ubuntu 20.04 (systemd 245)

Demo 1: interactive shell with systemctl

  • The command (/bin/bash) specified as the argument of docker run is executed as the foreground job in the container.
  • Workdir (--workdir /usr) is propagated
  • Env vars (-e FOO=hello) are propagated
  • The container shuts down when the command exits. The exit status code (42) is propagated.
host$ docker build -t foo -f Dockerfile.debian-10 .
host$ docker run -it --rm --privileged --workdir /usr -e FOO=hello foo /bin/bash
Created symlink /etc/systemd/system/docker-entrypoint.target.wants/docker-entrypoint.service โ†’ /etc/systemd/system/docker-entrypoint.service.
Created symlink /etc/systemd/system/systemd-firstboot.service โ†’ /dev/null.
Created symlink /etc/systemd/system/systemd-udevd.service โ†’ /dev/null.
/docker-entrypoint.sh: starting /lib/systemd/systemd --show-status=false --unit=docker-entrypoint.target
systemd 241 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid)
Detected virtualization docker.
Detected architecture x86-64.
Set hostname to <4608072355e2>.
+ /bin/bash
root@4608072355e2:/usr# systemctl status
โ— 4608072355e2
    State: running
     Jobs: 0 queued
   Failed: 0 units
    Since: Mon 2020-02-10 21:41:37 UTC; 3s ago
   CGroup: /system.slice/docker-4608072355e222fd25bdfa4b74e48c3f087f4d8128814a29d4035e7a8e42a364.scope
           โ”œโ”€init.scope
           โ”‚ โ””โ”€1 /lib/systemd/systemd --show-status=false --unit=docker-entrypoint.target
           โ””โ”€system.slice
             โ”œโ”€systemd-journald.service
             โ”‚ โ””โ”€26 /lib/systemd/systemd-journald
             โ””โ”€docker-entrypoint.service
               โ”œโ”€38 /bin/sh -xec /bin/bash
               โ”œโ”€39 /bin/bash
               โ”œโ”€40 systemctl status
               โ””โ”€41 pager
root@4608072355e2:/usr# pwd
/usr
root@4608072355e2:/usr# echo $FOO
hello
root@4608072355e2:/usr# exit 42
exit
host$ echo $?
42

Demo 2: journalctl -f

host$ docker run -it --rm --privileged foo journalctl -f
Created symlink /etc/systemd/system/docker-entrypoint.target.wants/docker-entrypoint.service โ†’ /etc/systemd/system/docker-entrypoint.service.
Created symlink /etc/systemd/system/systemd-firstboot.service โ†’ /dev/null.
Created symlink /etc/systemd/system/systemd-udevd.service โ†’ /dev/null.
/docker-entrypoint.sh: starting /lib/systemd/systemd --show-status=false --unit=docker-entrypoint.target
systemd 241 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid)
Detected virtualization docker.
Detected architecture x86-64.
Set hostname to <827af95def7e>.
+ journalctl -f
-- Logs begin at Wed 2020-02-12 06:20:22 UTC. --
Feb 12 06:20:22 827af95def7e systemd[1]: Started Flush Journal to Persistent Storage.
Feb 12 06:20:22 827af95def7e systemd[1]: Starting Create Volatile Files and Directories...
Feb 12 06:20:22 827af95def7e systemd[1]: Started Create Volatile Files and Directories.
Feb 12 06:20:22 827af95def7e systemd[1]: Condition check resulted in Network Time Synchronization being skipped.
Feb 12 06:20:22 827af95def7e systemd[1]: Reached target System Time Synchronized.
Feb 12 06:20:22 827af95def7e systemd[1]: Starting Update UTMP about System Boot/Shutdown...
Feb 12 06:20:22 827af95def7e systemd[1]: Started Update UTMP about System Boot/Shutdown.
Feb 12 06:20:22 827af95def7e systemd[1]: Reached target System Initialization.
Feb 12 06:20:22 827af95def7e systemd[1]: Started docker-entrypoint.service (journalctl -f).
Feb 12 06:20:22 827af95def7e systemd[1]: Startup finished in 410ms.
^Cgot signal INT
host$ echo $?
130

Bugs

  • docker run needs -t

More Repositories

1

lsf

Linux Subsystem for FreeBSD (๐Ÿ˜ˆ onย ๐Ÿง)
Go
168
star
2

issues-docker

๐Ÿณ Docker Issues and Tips (aufs/overlay/btrfs..)
165
star
3

apt-transport-oci

OCI transport plugin for apt-get (i.e., apt-get over ghcr.io)
Go
101
star
4

go-netfilter-queue

Go bindings for libnetfilter_queue (Forked from openshift/geard)
Go
89
star
5

buildbench

benchmark tool for Docker, BuildKit, img, Buildah, and Kaniko
Shell
77
star
6

aspectgo

Aspect-Oriented Programming framework for Go
Go
65
star
7

myaot

Succeeded by https://github.com/yomaytk/elfconv
Go
34
star
8

vexllm

silence negligible CVE alerts using LLM
Go
26
star
9

instance-per-pod

Create a dedicated IaaS instance per Pod to mitigate container breakout (including CPU vulnerabilities depending on the instance type)
Go
22
star
10

filegrain

transport-agnostic, fine-grained content-addressable container image layout
Go
22
star
11

nac

Not A Container, for macOS
C
20
star
12

clone3-workaround

Workaround for running ubuntu:21.10, fedora:35, and other glibc >= 2.34 distros on Docker <= 20.10.9
Go
19
star
13

go-dag

Minimalistic DAG utility with concurrent scheduler
Go
18
star
14

yamlctl

An experimental tool to modify YAMLs without losing (most of) comment lines.
Go
16
star
15

moby-snapshot

Binary snapshot of Moby (irregularly updated)
Shell
15
star
16

ntimes

โŒš time(1) with average time, flaky rate, ..
Go
13
star
17

awesome-swarm

[OUTDATED] ๐Ÿณ ๐Ÿณ ๐Ÿณ A curated list of Swarm (Docker >=1.12) resources and projects
12
star
18

go-replay

record-less semi-deterministic replayer for Go programs
Go
11
star
19

cni-isolation

CNI Bridge Isolation Plugin (Merged into the firewall plugin v1.1.0)
Go
9
star
20

AkihiroSuda

Profile page for https://github.com/AkihiroSuda
8
star
21

podman-network-create-for-rootless-podman

`podman network create` for Rootless Podman
Dockerfile
3
star
22

passt-mirror

Mirror of https://passt.top/passt/ . Pull requests are not accepted here.
C
3
star
23

go-wrap-to-percent-w

convert `Wrap(err, "foo")` to `Errorf("foo: %w", err)`
Go
3
star
24

test18180

Checker for docker/docker#18180
Shell
3
star
25

multidocker

๐Ÿณ ๐Ÿณ ๐Ÿณ Multiple Docker daemons on a single machine
Go
3
star
26

go-docker-machine

Go binding for Docker Machine
Go
2
star
27

securebind-docker

recursive read-only bind-mount for Docker
Go
2
star
28

critest-rootless-cgroup2

critest example (rootless+cgroup2)
Shell
2
star
29

go-list-func

List up functions in a Go package
Go
1
star
30

anbox-android-images-mirror

Mirror of https://build.anbox.io/android-images
1
star
31

dind-ovs-ryu-pipework-superpack.BAK

Docker-in-Docker + OVS + ryu + pipework Superpack (MOVED to osrg/dockerfiles)
Shell
1
star
32

x-sys-unix-auto-eintr

golang.org/x/sys/unix with automatic EINTR handler
Go
1
star
33

z42

0๏ธโƒฃ Zeroconf (mDNS) for Amazon EC2
Python
1
star
34

MicroEarthquake.BAK

๐ŸŒ reproduces flaky bugs by fuzzing process scheduling
Python
1
star
35

go-linuxsched

Go binding for sched_setattr(2) and sched_getattr(2)
Go
1
star