Running Systemd inside a Fedora Docker container
The Docker community does not recommend running a full-fledged OS inside containers, but there is no technical reason not to. I've been running VPSs using different container technologies (Linux-VServer, pure LXC) for years, so my next logical step is to manage my container VPSs using Docker. There are also use cases in which running the container with all the system services is convenient.
The only thing that has to be done to run a container as a VPS is to run the init process. Since I'm using Fedora, I have to use the infamous systemd, which is actually a very good and modern init system; the problem with it is that it's being inserted as a dependency in places where it's not really needed (cron stuff, for example).
So I said: "Well, I'll just run systemd while starting the container!" To my surprise, it didn't work, since systemd needs to access some files that the container does not allow you to see; this gets solved by using a privileged container. Still, even with a privileged container it does not work: you have to mount /sys/fs/cgroup as a volume inside the container.
Having done this we just run the container with a command like this:
docker run --name=test-systemd --privileged -tdi -v /sys/fs/cgroup:/sys/fs/cgroup:ro fedora-22-systemd-x86_64 /lib/systemd/systemd
This is the Dockerfile I used to create the fedora-22-systemd-x86_64 image:
FROM imcsk8/fedora-22-server-x86_64
MAINTAINER "Iván Chavero" <firstname.lastname@example.org>
# Based on the dockerfile created by: "Dan Walsh" <email@example.com>

# Tells systemd that it is running inside a container
ENV container docker
RUN dnf -y update; dnf clean all
# Install systemd, then remove the units that make no sense in a container,
# keeping only systemd-tmpfiles-setup.service under sysinit.target
RUN dnf -y install systemd; dnf clean all; \
    (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ "$i" == systemd-tmpfiles-setup.service ] || rm -f "$i"; done); \
    rm -f /lib/systemd/system/multi-user.target.wants/*; \
    rm -f /etc/systemd/system/*.wants/*; \
    rm -f /lib/systemd/system/local-fs.target.wants/*; \
    rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
    rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
    rm -f /lib/systemd/system/basic.target.wants/*; \
    rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/lib/systemd/systemd"]
With this we can create VPSs or applications that behave as they would in a full VM or on a bare-metal system.
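An added example, not part of the original post: since --privileged removes most of the isolation between container and host, this Python check reads `docker inspect` output and lists which containers were started the way the docker run command above does (privileged, with the host's /sys/fs/cgroup bind-mounted) and whether that mount is read-only. The sample JSON and the container names web and vps2 are constructed; only the HostConfig.Privileged and HostConfig.Binds fields are read.

```python
import json

# Constructed sample in the shape of `docker inspect` output, trimmed to the
# fields used below. "web" and "vps2" are hypothetical containers.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/test-systemd",
     "HostConfig": {"Privileged": True,
                    "Binds": ["/sys/fs/cgroup:/sys/fs/cgroup:ro"]}},
    {"Name": "/web",
     "HostConfig": {"Privileged": False, "Binds": None}},
    {"Name": "/vps2",
     "HostConfig": {"Privileged": True,
                    "Binds": ["/sys/fs/cgroup:/sys/fs/cgroup"]}},
])

def cgroup_bind_mode(binds):
    """Return 'ro', 'rw' or None for a bind of the host's /sys/fs/cgroup."""
    for bind in binds or []:          # Binds is null when no -v was given
        parts = bind.split(":")       # host_path:container_path[:options]
        if len(parts) >= 2 and parts[0].rstrip("/") == "/sys/fs/cgroup":
            options = parts[2].split(",") if len(parts) > 2 else []
            return "ro" if "ro" in options else "rw"
    return None

def audit(inspect_json):
    """Map container name -> findings for privileged / cgroup-bound containers."""
    report = {}
    for container in json.loads(inspect_json):
        host = container.get("HostConfig", {})
        findings = []
        if host.get("Privileged"):
            findings.append("privileged")
        mode = cgroup_bind_mode(host.get("Binds"))
        if mode == "rw":
            findings.append("cgroup-bind-writable")
        elif mode == "ro":
            findings.append("cgroup-bind-readonly")
        if findings:
            # docker inspect reports names with a leading slash
            report[container["Name"].lstrip("/")] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, ", ".join(findings))
```

On a real host, feed it the output of `docker inspect $(docker ps -q)` in place of the constructed sample.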