Docker Community Forums

Share and learn in the Docker community.

Systemctl status is not working in my Docker container


(Mike812) #1

The command “systemctl status” is not working. It never has. My container is on CentOS 7. When I issue “systemctl status” I get results “Failed to get D-Bus connection: operation not permitted.”

I then looked into upgrading systemd. I removed the /etc/yum/protected.d/system.conf file. I then used yum remove systemd. I see that systemd version 219-19.el7_2.4 has been installed. I choose “N” to not actually remove systemd. I then installed systemd-libs-219-19.el7_2.7.x86_64.rpm. I then installed systemd version 2.7. I then used yum remove systemd just to determine the version. I see that systemd version 219-19.el7_2.7 is installed. I choose “NO” to abort the removal. systemctl status still does not work. I get the same error: “Failed to get D-Bus connection: operation not permitted.”

I tried creating a Docker container with the -privileged flag. When I used the “-p 80:80” option, the Docker run command failed. When I left out the “-p 80:80” option in my Docker run command, the new container had the same problem.

I tried creating a Docker container with the -privileged flag. When I used the “-p 80:80” option, the Docker run command failed to create a new container. When I left out the “-p 80:80” option in my Docker run command, the new container had the same problem.

I created a Docker container with a “docker run” … “-v /sys/fs/cgroup:/sys/fs/cgroup:ro” option. But I had the same problem.

I expect “systemctl status” to work. I don’t know if the problem is with how I created the Docker container. Reinstalling (or upgrading) systemd did not work. What should I do to get “systemctl status” to work in a Docker container?


(Jeff Anderson) #2

Hello,

Normally when you run a container you aren’t running an init system. systemctl is a process that communicates with systemd over dbus. If you aren’t running dbus or systemd, I would expect systemctl to fail.

What is the pid1 of your docker container? It should reflect the entrypoint and command that were used to launch the container.

For example, if I do the following, my pid1 would be bash:

$ docker run --rm -it centos:7 bash
[root@180c9f6866f1 /]# ps faux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.7  0.1  11756  2856 ?        Ss   03:01   0:00 bash
root        15  0.0  0.1  47424  3300 ?        R+   03:02   0:00 ps faux

Since only bash and ps faux are running in the container, there would be nothing for systemctl to communicate with.


(Tofindme) #3

Hi,I want to know How to turn init process into systemctl? or tell me which cmd?


(Kornzysiek) #4

Hi, if you go to docker hub of centos7 release you are using there is instruction on how to run the centos with systemctl enabled.In short:

  1. Create a dockerfile and paste:

FROM centos:7
MAINTAINER “you” your@email.here
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in ; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done);
rm -f /lib/systemd/system/multi-user.target.wants/
;
rm -f /etc/systemd/system/.wants/;
rm -f /lib/systemd/system/local-fs.target.wants/;
rm -f /lib/systemd/system/sockets.target.wants/udev;
rm -f /lib/systemd/system/sockets.target.wants/initctl;
rm -f /lib/systemd/system/basic.target.wants/
;
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ “/sys/fs/cgroup” ]
CMD ["/usr/sbin/init"]

Then build the container using in the dir you have created the file (be sure no other files are inside, as they will be taken into the context and may cause troubles :wink: )

docker build --rm -t c7-systemd . (c7-systemd can be replaced with other name)

Then run the image with:
docker run -itd --privileged --name=yourName c7-systemd

Enjoy your systemd enabled centos :slight_smile:


(Avidocker2017) #5

Good information kornzysiek. It solved my problem


(Ravikiran Perumala) #6

Following @kornzysiek update, I’ve tried it & when i execute it, the init phase gets hung and doesn’t respond. Any directions from here ? I’ve to open another terminal & stop the container to get this terminated.

$ docker run -it --privileged --name=rk7 c7_systemd
systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Detected virtualization docker.
Detected architecture x86-64.

Welcome to CentOS Linux 7 (Core)!

Set hostname to <052069cdd742>.
Initializing machine ID from random generator.
[ OK ] Reached target Swap.
[ OK ] Reached target Paths.
[ OK ] Reached target Local File Systems.
[ OK ] Created slice Root Slice.
[ OK ] Listening on Journal Socket.
[ OK ] Listening on Delayed Shutdown Socket.
[ OK ] Created slice System Slice.
Starting Create Volatile Files and Directories…
[ OK ] Reached target Slices.
Starting Journal Service…
[ OK ] Started Create Volatile Files and Directories.
[ INFO ] Update UTMP about System Boot/Shutdown is not active.
[DEPEND] Dependency failed for Update UTMP about System Runlevel Changes.
Job systemd-update-utmp-runlevel.service/start failed with result ‘dependency’.
[ OK ] Started Journal Service.
[ OK ] Reached target System Initialization.
[ OK ] Listening on D-Bus System Message Bus Socket.
[ OK ] Reached target Sockets.
[ OK ] Reached target Basic System.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Timers.

^Z

^Z
^Z

^Z^Z
^Z
^Z
^Z


(Ashok9177) #7

Hi kornzysiek Thank you for info ,It saved me lot of time and can you suggest me how to enable systemctl in ubuntu docker image ,
docker-ce installed in rhel7.4


(David Maze) #8

You can’t do it without giving the container almost unlimited power over the host system and the ability to break out of the container space, and if you do manage to start systemd it will break things like the host cgroup settings (and to make things worse you’ll have two systemds trying to manage host-global things).

As far as Docker is concerned, in your Dockerfile, you should pretend commands like systemctl and initctl and service and the /etc/init.d tree just don’t exist. Even if you can run them they won’t do what you expect.


(Ashok9177) #9

Thanks for your reply… so, is it worst to use systemctl command in docker container , and how can i implement tomcat application and it should b start when i run docker image . can you suggest me


(Bago213) #10

nope they can’t suggest you… docker is terrible if you actually need your container to act as a server that needs to do more then 1 thing… just implementing something simple as a autorenew service for an ssl cerficate requires you to invent your own workarounds…


(Jamesbrown) #11

I am working on creating a Docker Image with an existing open source App that doesn’t currently have an official image. In existing images they use the actual init.d service which is also not recommended. Following the install instructions for Ubuntu, the service is started using systemctl, if this is not the correct method what is the correct method for handling applications that are typically started using systemctl?