Trying to launch a systemd container with the following command:
docker run --privileged -ti centos:7 /usr/sbin/init
It works just as expected but with a curious side effect; it kills all tty sessions on the host and I get the login prompt.
Why is this happening?
$ docker version
Client:
Version: 1.10.3
API version: 1.22
Go version: go1.5.3
Git commit: 20f81dd
Built: Sat Mar 12 19:18:57 2016
OS/Arch: linux/amd64
Server:
Version: 1.10.3
API version: 1.22
Go version: go1.5.3
Git commit: 20f81dd
Built: Sat Mar 12 19:18:57 2016
OS/Arch: linux/amd64
I am by no means an expert on what’s going on here, but my understanding is that systemd doesn’t expect to be run in a container-- it expects to be the real pid1 on the system. Since you passed in --privileged, systemd is communicating with the kernel and doing its thing, which ends up interfering with other stuff on the system somehow.
I don’t have a more technical explanation than that, and I may have a skewed understanding so hopefully someone else with more knowledge on this can comment.
Trying to hunt down the reason for some of my unit tests involving running a privileged Docker container containing systemd out of my terminal sessions I first stumbled upon this … and then with an improved search this answer to geerlingguy/drupal-vm issue “docker-compose destroys TTY session”.
I could successfully fix this problem based on what user Jasu in the link above reported; now, when building my image, I mask out the following three services/targets:
RUN systemctl mask \
systemd-logind.service getty.service getty.target
Now, I’m probably even beyond necromancy here to answer a question – what? – 8 years afterwards. But stranger things happen.
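A check that the mask from the reply above actually landed in an image before it is started with --privileged, as an added example that is not part of the original thread. It relies on the fact that systemctl mask creates /etc/systemd/system/<unit> as a symlink to /dev/null; the unpacked root filesystem directory and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): verify that the three units named in
# the reply are masked inside an unpacked image root filesystem, for instance
# one produced with `docker export <container> | tar -x -C <dir>`.

UNITS="systemd-logind.service getty.service getty.target"

# is_masked ROOTFS UNIT: succeeds only if the unit is a symlink to /dev/null
is_masked() {
    link="$1/etc/systemd/system/$2"
    [ -L "$link" ] && [ "$(readlink "$link")" = "/dev/null" ]
}

# unmasked_units ROOTFS: prints the units that are not masked, space-separated
unmasked_units() {
    missing=""
    for u in $UNITS; do
        is_masked "$1" "$u" || missing="${missing:+$missing }$u"
    done
    printf '%s' "$missing"
}

# check_rootfs ROOTFS: returns 0 if every unit is masked, 1 otherwise
check_rootfs() {
    missing=$(unmasked_units "$1")
    if [ -n "$missing" ]; then
        echo "not masked in $1: $missing" >&2
        return 1
    fi
    echo "all units masked in $1"
}

# Constructed demo: a fake rootfs where only two of the three units are masked.
demo=$(mktemp -d)
mkdir -p "$demo/etc/systemd/system"
ln -s /dev/null "$demo/etc/systemd/system/systemd-logind.service"
ln -s /dev/null "$demo/etc/systemd/system/getty.target"
check_rootfs "$demo" || true
rm -rf "$demo"
```

A regular file or a symlink to anything other than /dev/null is reported as not masked, so a unit that was overridden rather than masked does not pass.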