Systemctl cannot be used on Ubuntu inside Docker container

Introduction

When creating a system or application, I thought that if it could be built on a Docker container, it would lead to efficiency in development and maintenance, so I tried various things, so I will summarize the basics.

The title was the one I was most addicted to.

Prerequisites

[Host OS] ・ Ubuntu20.04 LTS (on GCP)

[Soft Image Version] ・ Docker 19.03.13 ・ OS Ubuntu20.04 LTS of container image

What you want to do

1. installing and configuring docker
Create container in docker
1. Enter the container and start Apache
Modify the image file and reimage it

1. 1. installing and configuring docker

When installing from the Docker repository, follow the procedure below.

Since version 14.04, ʻapt-get is not used because ʻapt command is recommended.

Make sure Docker is not installed

$ sudo dpkg -l docker

Package management tool updates

$ sudo apt update

⇒ If dpkg-query: no packages found matching docker is displayed, it is not installed.

Software installation required for Docker installation

$ sudo apt install \
    apt-transport-https \
    ca-certificates \
    curl \
    software-properties-common

Added Docker official GPG public key

$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Check if the public key has been added properly

$ sudo apt-key fingerprint

Add repository

Confirm that there is no docker in the repository.

Nothing should be displayed even if you execute the following command.

$ cat /etc/apt/sources.list | grep docker

Repository settings

`python`


$ sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"

Confirm that the repository has been added

`python`


$ cat /etc/apt/sources.list | grep docker
deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
# deb-src [arch=amd64] https://download.docker.com/linux/ubuntu focal stable

Check available version

`python`


$ apt-cache madison docker-ce
 docker-ce | 5:19.03.13~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.12~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.11~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.10~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.9~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages

install docker

Since the repository has been added, ʻupdate again and then run ʻinstall

`python`


$ sudo apt update
$ sudo apt install docker-ce

Check the installed docker version

`python`


$ sudo docker version
Client: Docker Engine - Community
 Version:           19.03.13
 API version:       1.40
 Go version:        go1.13.15
 Git commit:        4484c46d9d
 Built:             Wed Sep 16 17:02:52 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Check if the daemon is started

`python`


$ sudo systemctl status docker
● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2020-09-30 00:22:29 UTC; 30min ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 25020 (dockerd)
      Tasks: 9
     Memory: 36.8M
     CGroup: /system.slice/docker.service

Operation check of docker

Hello world Get a sample docker image and run it.

`python`


$ sudo docker container run hello-world

Check the list of current images and containers

`python`


#List images
$ sudo docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
hello-world         latest              bf756fb1ae65        9 months ago        13.3kB

#List of containers (including stopped)
$ sudo docker container ls -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS   
            NAMES
e8a73ecd0c16        hello-world         "/hello"            5 minutes ago       Exited (0) 5 minutes ago           
            condescending_diffie

#Display of running container
$ sudo docker container ls
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS          
     NAMES

The hello-world container is not running because it will stop after the message is output.

Since I was able to confirm the operation, I deleted the container and image once.

`python`


$ sudo docker container rm [Container ID]
$ sudo docker image rm [Image ID]

docker settings

Auto start settings

$ sudo systemctl unmask docker.service
$ sudo systemctl enable docker
$ sudo systemctl is-enabled docker

Added to docker group to execute docker command without sudo.

`python`


#First of all[docker]Group confirmation. * If you do not have a group, you need to create one yourself.
$ cat /etc/group | grep docker
docker:x:998:

# [docker]Add users to the group.
$ sudo usermod -aG docker [username]

After restarting Ubuntu, if you can execute the command without sudo as shown below, you can change the settings.

Restart is executed from GCP because the VM instance is created on GCP)

$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE

2. Create container in docker

Since the container is built using the docker image, first get the docker image. Many images have already been published on the docker site, so search for the desired image with the search command and get the image.

Confirmation of the image to be acquired

`python`


$docker search [arbitrary keyword]

Get image

`python`


# docker image pull [OPTIONS] NAME[:TAG|@DIGEST]
$ docker image pull  ubuntu:20.04

20.04: Pulling from library/ubuntu
d72e567cc804: Pull complete 
0f3630e5ff08: Pull complete 
b6a83d81d1f4: Pull complete 
Digest: sha256:bc2f7250f69267c9c6b66d7b6a81a54d3878bb85f1ebb5f951c896d13e6ba537
Status: Downloaded newer image for ubuntu:20.04
docker.io/library/ubuntu:20.04

This time, create a container for Ubuntu 20.04 on top of Ubuntu 20.04 as the host OS.

Create container from image

`shell::`


$ docker container run -it -d --name test-ubuntu20-4 ubuntu:20.04

#When you want to associate a port number
# docker container run -it -d -p 8080(Ubuntu side port):5000(Port on the container side) --name webgis-server ubuntu:20.04

1). If the image doesn't exist on the localhost, it will automatically pull the image from the repository when you run docker container run to create a container for you.
2). Without the Options command, the container will exit immediately after startup.

** Check the running container **

`python`


$ docker container ls
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS          
     NAMES
19b7ac7c40ad        ubuntu:20.04        "/bin/bash"         8 seconds ago       Up 7 seconds                       
     test-ubuntu20-4

3. 3. Enter the container and start Apache

Enter the container (test-ubuntu20-4) created earlier

$ docker attach test-ubuntu20-4

Once you exit with ʻexit, the container will be stopped, so when you enter again, start it with docker container start [container name]`.

Package management tool updates.

# apt update

Apache installation

# apt install -y apache2

When you install any package for the first time, you will be asked for the area and time zone on the way, so set as follows. ・ Geographic area: 6 (Asia) ・ Time Zone: 79 (Tokyo)

Check the startup status of Apache.

# systemctl status apache2
bash: systemctl: command not found

Since the above message is displayed and it cannot be operated, install the package so that systemctl can be used. (Simple startup etc. can be done with the command service apache2 ~~~~.)

# apt install -y systemd

Check the startup status of Apache again.

# systemctl status apache2
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down

There seems to be a problem with PID1, so let's check it.

# ps aux
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root           1  0.5  0.1   4240  3384 pts/0    Ss   16:40   0:00 /bin/bash
root           8  0.0  0.1   5888  2912 pts/0    R+   16:40   0:00 ps aux

Actually, when you create a container with the docker container run -it -d --name ubuntu: 20.04 command, the COMMAND of [PID: 1] of Ubuntu in the container becomes / sbin / bash. In this case, it seems that the systemctl command cannot be used.

When creating the first container, I tried to specify the initial process in / sbin / init with the following command, but it is said that / sbin / init does not exist in the image.

`python`


#Since it is a test execution, it is not necessary to execute it as a series of work this time.
$ docker container run -it -d --privileged --name webgis-server ubuntu:20.04 /sbin/init

docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process c
aused "exec: \"/sbin/init\": stat /sbin/init: no such file or directory": unknown.

** It may be possible to image Ubuntu where / sbin / init exists! ** **

4. Modify the image file and reimage it

Create / sbin / init as a symbolic link to/ usr / lib / systemd / system /.

# ln -s  /usr/lib/systemd/system/ /sbin/init

Since it is a container with ** Apache2 and Systemd installed and / sbin / init created ** on the original image, create an image from the container that was temporarily taken out of the container and stopped.

`python`


$ docker commit test-ubuntu20-4 test-ubuntu20-4:add-init
sha256:5f25a8ff7149b22665aeb4d076919ba06d7e5c3f06c77834e60c6a7e042e6bf2

#Check the list of images
$ $ docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
test-ubuntu20-4     add-init            91fffb874bf9        About a minute ago   202MB
ubuntu              20.04               9140108b62dc        2 weeks ago          72.9MB
hello-world         latest              bf756fb1ae65        9 months ago         13.3kB

Create container again from image file

Create a container from the image created earlier

$ docker container run -it -d --privileged --name test-ubuntu20-4-2 test-ubuntu2
0-4:add-init /sbin/init

af59767d9b17c60fcb5284ec3669bc61edb5f4a7e5a019b5c572997553d43e9f
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process c
aused "exec: \"/sbin/init\": permission denied": unknown.

It is said that I do not have access rights this time, and it seems difficult to start it with [PID1 = / sblin / init] after all. I've researched various things, but basically systemd cannot be used as a process management tool in the docker container. (There may be nothing you can't do if you force it, but there seems to be no merit to do so.) ・ [Reference Site 1](https://www.it-swarm-ja.tech/ja/boot/ubuntu%E3%81%8C%E8%B5%B7%E5%8B%95%E3%81%97 % E3% 81% AA% E3% 81% 84% EF% BC% 9Aruninit% EF% BC% 9A-sbin-init% EF% BC% 9Apermission-denied-and-bin-sh% EF% BC% 9A0% EF % BC% 9Acan-not-open-splash / 961074669 / amp / ) ・ Reference Site 2

Summary

First of all, I briefly summarized the procedure for installing docker and creating a container, but since the kernel used for operation is different between VM and container, process management tools cannot be used in the same way. When creating a service in a container, understand that the program that daemonizes [PID1 = init] does not work. When managing processes with docker, it seems that ** Supervisor ** is common.