PDA

View Full Version : SLES 12 SP1 Running a service on docker



arod20832
06-Dec-2016, 19:33
Hello all,

I'm new to SLES and docker so any help/pointers would be greatly appreciated! I'm running SLES 12sp2. I followed the docker guide (https://www.suse.com/documentation/sles-12/book_sles_docker/data/book_sles_docker.html) and got docker installed and my base SLES images activated.

When I run a docker container of image 'sles12sp1' I can't seem to be able to run systemctl start on anything. The error I get is: Failed to get D-Bus connection: Unknown error -1.

Here's an example for trying to run a brand new container with openssh. What am i missing? Thank you in advance!!



linux-uou1:~ # docker run -ti --rm suse/sles12sp1:latest /bin/bash
bash-4.2# zypper --gpg-auto-import-keys ref -s
Refreshing service 'container-suseconnect'.
Adding repository 'SLES12-SP1-Debuginfo-Pool for sle-12-x86_64' .................................................. .................................................. ...............[done]
Adding repository 'SLES12-SP1-Debuginfo-Updates for sle-12-x86_64' .................................................. .................................................. ............[done]
Adding repository 'SLES12-SP1-Pool for sle-12-x86_64' .................................................. .................................................. .........................[done]
Adding repository 'SLES12-SP1-Source-Pool for sle-12-x86_64' .................................................. .................................................. ..................[done]
Adding repository 'SLES12-SP1-Updates for sle-12-x86_64' .................................................. .................................................. ......................[done]
All services have been refreshed.
Retrieving repository 'SLES12-SP1-Pool for sle-12-x86_64' metadata .................................................. .................................................. ............[done]
Building repository 'SLES12-SP1-Pool for sle-12-x86_64' cache .................................................. .................................................. .................[done]
Retrieving repository 'SLES12-SP1-Updates for sle-12-x86_64' metadata .................................................. .................................................. .........[done]
Building repository 'SLES12-SP1-Updates for sle-12-x86_64' cache .................................................. .................................................. ..............[done]
All repositories have been refreshed.
bash-4.2# zypper in -yn openssh
Refreshing service 'container-suseconnect'.
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following 3 NEW packages are going to be installed:
libedit0 libncurses6 openssh

The following 3 packages are recommended, but will not be installed (only required packages will be installed):
audit openssh-helpers xauth

3 new packages to install.
Overall download size: 1.2 MiB. Already cached: 0 B. After the operation, additional 5.7 MiB will be used.
Continue? [y/n/? shows all options] (y): y
Retrieving package libncurses6-5.9-40.124.x86_64 (1/3), 349.4 KiB ( 1.0 MiB unpacked)
Retrieving: libncurses6-5.9-40.124.x86_64.rpm .................................................. .................................................. .................................[done]
Retrieving package libedit0-3.1.snap20140620-1.13.x86_64 (2/3), 94.8 KiB (247.1 KiB unpacked)
Retrieving: libedit0-3.1.snap20140620-1.13.x86_64.rpm .................................................. .................................................. .........................[done]
Retrieving package openssh-6.6p1-52.1.x86_64 (3/3), 829.8 KiB ( 4.5 MiB unpacked)
Retrieving: openssh-6.6p1-52.1.x86_64.rpm .................................................. .................................................. .....................................[done]
Checking for file conflicts: .................................................. .................................................. ..................................................[done]
(1/3) Installing: libncurses6-5.9-40.124.x86_64 .................................................. .................................................. ...............................[done]
(2/3) Installing: libedit0-3.1.snap20140620-1.13.x86_64 .................................................. .................................................. .......................[done]
(3/3) Installing: openssh-6.6p1-52.1.x86_64 .................................................. .................................................. ...................................[done]
Additional rpm output:
Updating /etc/sysconfig/ssh...


bash-4.2# systemctl enable sshd
bash-4.2# systemctl start sshd
Failed to get D-Bus connection: Unknown error -1

ab
06-Dec-2016, 20:15
Note: I am not a Docker guru.

First, is there a reason you are doing it this way? Docker-based
virtualization is not meant to be like other virtualization where you have
a bunch of processes installed to make it a full server with SSH-based
remote access, remote users accessing it to do whatever, etc., or at least
that is my understanding. Docker virtualization is meant to run one
application in the most-lightweight environment possible, which is why the
images from which containers are started are often in the tens or hundreds
of MiBs total. Lighter than LXC and OpenVZ, much lighter than hardware
virtualization (KVM, VirtualBox, Xen, etc.), it's meant to do one thing
and do it only.

With that in mind, have you tried calling sshd directly rather than using
systemctl? Alternatively, if you add strace you may be able to see where
the DBus call is happening and troubleshoot that more-directly. You may
be able to do this from the host even, since the processes should show up
there too.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...

arod20832
06-Dec-2016, 23:00
Thanks for the response.

After some googling to see how others have dealt with this issue in other distros I was able to get it to work by doing the following:

1. Extending the base image by installing systemd (small image size increase)

zypper in -yn systemd

2. Then I created a container based on this image with the following command:


docker run -it -e "container=docker" --privileged=true -d --security-opt seccomp:unconfined --cap-add=SYS_ADMIN -v /sys/fs/cgroup:/sys/fs/cgroup:ro --name base_a_instance_1 sles12sp1:base_a bash -c "/sbin/init"

For a full explaination of why this works see: https://developers.redhat.com/blog/2014/05/05/running-systemd-within-docker-container/

ab
07-Dec-2016, 07:45
Great follow-up; thanks for sharing your details and the information you
found searching elsewhere too.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...