What is the difference b/w "service docker start" and "docker -d"? - docker

I'm new to docker, and want to restart docker daemon. I want to add the OPTS to start docker like:
docker --registry-mirror=http://<my-docker-mirror-host> -d
I want to know what is they difference? Does they start the same thing?
By the way, I just use above command in my boot2docker, it did't work at all.

if you use service docker start then it will start docker as service with docker's upstart configuration file, e.g. /etc/default/docker for ubuntu and /etc/sysconfig/docker for centos.
if you use docker -d it will run docker in daemon mode.
if you want define your own registry-mirror for docker, you can do this:
ubuntu
$ echo "DOCKER_OPTS=\"\$DOCKER_OPTS --registry-mirror=http://<my-docker-mirror-host>\"" | sudo tee -a /etc/default/docker
$ sudo service docker restart
centos
sudo sed -i 's|other_args=|other_args=--registry-mirror=http://<my-docker-mirror-host> |g' /etc/sysconfig/docker
sudo sed -i "s|OPTIONS='|OPTIONS='--registry-mirror=http://<my-docker-mirror-host> |g" /etc/sysconfig/docker
sudo service docker restart
mac
boot2docker up
boot2docker ssh "echo $'EXTRA_ARGS=\"--registry-mirror=http://<my-docker-mirror-host>\"' | sudo tee -a /var/lib/boot2docker/profile && sudo /etc/init.d/docker restart”
then your docker service with run with your own registry mirror.

To answer your questions (which are valid for debian/ubuntu, I don't have tinylinux handy to test which is used by boot2docker):
service docker start will run a startup script in /etc/init.d/docker
docker -d is the manual version of the previous script, useful when you want to run docker in debug mode. I suspect the example you gave will not do the same thing, because there are more options specified in the service script.
if you want to add more docker command options, edit the /etc/default/docker file
Update after OP's comments:
To add your new switch, you need to specifically edit the variable (which maybe exported) DOCKER_OPTS and add your option to the end of the existing options.
My /etc/default/docker options are:
export DOCKER_OPTS="--tlsverify --tlscacert=/etc/docker/ca.pem
--tlskey=/etc/docker/server-key.pem --tlscert=/etc/docker/server.pem --label=provider=XXXX
--host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2376"
To add the registry-mirror I would edit the DOCKER_OPTS to look like this
export DOCKER_OPTS="--tlsverify --tlscacert=/etc/docker/ca.pem
--tlskey=/etc/docker/server-key.pem --tlscert=/etc/docker/server.pem --label=provider=XXXX
--host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2376
--registry- mirror=192.168.59.103:5555"

Related

Docker System has not been booted with systemd as init system

I have an Ubuntu 18.04 image runing on my docker container. I login into it and installed Openresty. also installed systemd. When I use command systemctl I get this error:
System has not been booted with systemd as init system (PID 1). Can't operate.
How can I fix it?
If I understand the OP, he is trying to run systemctl within the container. This does not work because systemd is not running within the container to begin with. It cannot be done in unprivileged containers. There is another question here in SO about why he should not run systemd within a container.
I quickly googled and found this 2014 page about using systemd within a container in docker, where there is a short explanation. The fix is to use a privileged container (running docker run --privileged ...), which is arguably a bad idea but might suit the OP. There is a 2019 update of that last article, and the bottomline is they developed their own container engine (so no docker).
The obvious solution would be to have a single service, so no need for systemd, although that might not be possible in the OP's case.
In summary, possible solutions:
not to use systemd
use a privileged container
not to use docker
In your terminal, you can type:
$ sudo dockerd
and the magic is happen
So, Open other terminal and try it
$ docker ps -a
If you still have a problem with permission, run:
$ sudo usermod -aG docker your-user
Did you try to use: sudo /etc/init.d/docker start instead of systemd ?
I have a similar problem and it solves it.
You need to start your container by this command to enable systemd.
docker run -itd --privileged docker pull ubuntu:18.04 /usr/sbin/init
After toying with Systemd myself and bumping into this I found a good solution to work around this in Docker.
You can setup a cronjob to run on container reboot.
Dockerfile.yml:
COPY startup.sh /home/$USERNAME
WORKDIR /home/$USERNAME
RUN chmod +x startup.sh
RUN runuser -u $USERNAME -- echo "#reboot /home/$USERNAME/startup.sh" >> cronjobs
RUN runuser -u $USERNAME -- crontab cronjobs
RUN runuser -u $USERNAME -- rm cronjobs
https://askubuntu.com/questions/814/how-to-run-scripts-on-start-up#816
To complement #javier-gonzalez answer, if you're following running systemd within container AND getting the error bash: /usr/sbin/init: No such file or directory when trying to run the container, you can use /lib/systemd/systemd as ENTRYPOINT in your Dockerfile instead since /usr/sbin/init since it is just a symlink to the same thing.
FROM ubuntu:<anyversion>
ENTRYPOINT ["/lib/systemd/systemd"]
You may have forgotten to start docker before using it
sudo service docker start

Assign labels to Docker daemon

How do I assign labels to an already running Docker daemon on Ubuntu?
Tried:
export DOCKER_OPTS="--label=com.example.storage=ssd"
sudo restart docker
but didn't help. docker info need to show Labels.
The docker configuration section is clear:
Log into your host as a user with sudo or root privileges.
If you don’t have one, create the /etc/default/docker file on your host. Depending on how you installed Docker, you may already have this file.
Open the file with your favorite editor.
$ sudo vi /etc/default/docker
Add a DOCKER_OPTS variable with the following options. These options are appended to the docker daemon’s run command.
DOCKER_OPTS="--label=com.example.storage=ssd"
Save and close the file.
Restart the docker daemon.
$ sudo restart docker
sudo sed -i `'/DOCKER_OPTS/c\DOCKER_OPTS="--label=com.example.storage=ssd"' /etc/default/docker`
did the trick for me.
I would guess "sudo" isn't copying your environment. You might try "sudo -E".

How to update /etc/hosts file in Docker image during "docker build"

I want to update my /etc/hosts file during "docker build".
I added below line in Dockerfile but it's neither updating /etc/hosts file nor giving any error.
RUN echo "192.168.33.11 mynginx" >> /etc/hosts
I need to update /etc/hosts. Can anyone suggest on this?
With a more recent version of docker, this could be done with docker-compose and its extra_hosts directive
Add hostname mappings.
Use the same values as the docker run client --add-host parameter (which should already be available for docker 1.8).
extra_hosts:
- "somehost:162.242.195.82"
- "otherhost:50.31.209.229"
In short: modify /etc/hosts of your container when running it, instead of when building it.
With Docker 17.x+, you have a docker build --add-host mentioned below, but, as commented in issue 34078 and in this answer:
The --add-host feature during build is designed to allow overriding a host during build, but not to persist that configuration in the image.
The solutions mentioned do refer the docker-compose I was suggesting above:
Run an internal DNS; you can set the default DNS server to use in the daemon; that way every container started will automatically use the configured DNS by default
Use docker compose and provide a docker-compose.yml to your developers.
The docker compose file allows you to specify all the options that should be used when starting a container, so developers could just docker compose up to start the container with all the options they need to set.
You can not modify the host file in the image using echo in RUN step because docker daemon will maintain the file(/etc/hosts) and its content(hosts entry) when you start a container from the image.
However following can be used to achieve the same:
ENTRYPOINT ["/bin/sh", "-c" , "echo 192.168.254.10 database-server >> /etc/hosts && echo 192.168.239.62 redis-ms-server >> /etc/hosts && exec java -jar ./botblocker.jar " ]
Key to notice here is the use of exec command as docker documentation suggests. Use of exec will make the java command as PID 1 for the container. Docker interrupts will only respond to that.
See https://docs.docker.com/engine/reference/builder/#entrypoint
I think docker recently added the --add-host flag to docker build which is really great.
[Edit]
So this feature was updated on 17.04.0-ce
For more detail on how to use docker build with the --add-host flag please visit: https://docs.docker.com/edge/engine/reference/commandline/build/
Since this still comes up as a first answer in Google I'll contribute possible solution.
Command taken from here suprisingly worked for me (Docker 1.13.1, Ubuntu 16.04) :
docker exec -u 0 <container-name> /bin/sh -c "echo '<ip> <name>' >> /etc/hosts"
You can do with the following command at the time of running docker
docker run [OPTIONS] --add-host example.com:127.0.0.1 <your-image-name>:<your tag>
Here I am mapping example.com to localhost 127.0.0.1 and its working.
If this is useful for anyone, the HOSTALIASES env variable worked for me:
echo "fakehost realhost" > /etc/host.aliases
export HOSTALIASES=/etc/host.aliases
You can use the --add-host option during docker run.
For your case use:
docker run --add-host mynginx:192.168.33.11 [image_name]:[tag]
This will update your /etc/hosts
you can check it by using following commands:
docker exec -it [container_id] sh
if sh doesnt work for you ,then you can try bash or /bin/sh or /bin/bash
cat /etc/hosts
I just created a sh script and run it on start docker.
In this script I start all the services and update the hosts file:
on Dockerfile:
CMD /tmp/init_commands.sh & sleep infinity
init_comands.sh
any other commands...
echo "192.168.11.5 XXXXXXX" >> /etc/hosts
echo "192.168.11.6 XXXXXXY" >> /etc/hosts
echo "192.168.11.7 XXXXXXZ" >> /etc/hosts
Following worked for me by mounting the file during docker run instead of docker build
docker service create --name <name> --mount type=bind,source=/etc/hosts,dst=/etc/hosts <image>
Tis is me Dockefile
FROM XXXXX
ENV DNS_1="10.0.0.1 TEST1.COM"
ENV DNS_1="10.0.0.1 TEST2.COM"
CMD ["bash","change_hosts.sh"]`
#cat change_hosts.sh
su - root -c "env | grep DNS | akw -F "=" '{print $2}' >> /etc/hosts"
info
user must su
Just a quick answer to run your container using:
docker exec -it <container name> /bin/bash
once the container is open:
cd ..
then
`cd etc`
and then you can
cat hosts
or:
apt-get update
apt-get vim
or any editor you like and open it in vim, here you can modify say your startup ip to 0.0.0.0

Docker logging to container

I'm fresh user of Docker. The fist problem with which I'm faced is logging into container.
I'm found solutions to execute container bash commands by
docker exec -it ID bash
But, this is solution only for install/ remove packages. What to use if I want to edit nginx config in docker container ?
One of solutions can be loggin to container via ssh connection, but maybe Docker have something own for this ?, I mean easilly access without install OpenSSH ?
as you said,
docker exec -it container_id bash
and then use your favorite editor to edit any nginx config file. vi or nano is usually installed, but you may need to install emacs or vim, if this is your favorite editor
if you have just a few characters to modify,
docker exec container_id sed ...
might do the job. If you want to SSH into your container, you will need to install SSH and deal with the SSH keys, I am not sure this is what you need.
You're going about it the wrong way. You should rarely need to log into a container to edit files.
Instead, mount the nginx.conf with -v from the host. That way you can edit the file with your normal editor. Once you've got the config working the way you want it, you can then build a new image with it baked in.
In general, you have to get into the mindset of containers being ephemeral. You don't patch them; you throw them away and replace them with a fixed version.
How: Docker logging to container
Yes, you can. You can login the running container.
Exist docker exec or docker attach is not good enough. Looking to start a shell inside a Docker container? The solution is: jpetazzo/nsenter with two commands: nsenter and docker-enter.
If you are in Linux environment, then run below command:
docker run --rm -v /usr/local/bin:/target jpetazzo/nsenter
docker ps
# replace <container_name_or_ID> with real container name or ID.
PID=$(docker inspect --format {{.State.Pid}} <container_name_or_ID>)
nsenter --target $PID --mount --uts --ipc --net --pid
Then you are in that running container, you can run any linux commands now.
I prefer the other command docker-enter. Without login the container, you can directly run linux commands in container with docker-enter command. Second, I can't memory multiple options of nsenter command and no need to find out the container's PID.
docker-enter 0e8c248982c5 ls /opt
If you are mac or windows user, run docket with toolbox:
docker-machine ssh default
docker run --rm -v /usr/local/bin:/target jpetazzo/nsenter
PID=$(docker inspect --format {{.State.Pid}} 0e8c248982c5)
sudo nsenter --target $PID --mount --uts --ipc --net --pid
If you are mac or windows user, run docket with boot2docker:
boot2docker ssh
docker run --rm -v /usr/local/bin:/target jpetazzo/nsenter
PID=$(docker inspect --format {{.State.Pid}} 0e8c248982c5)
sudo nsenter --target $PID --mount --uts --ipc --net --pid
Note: The command docker run --rm -v /usr/local/bin:/target jpetazzo/nsenter only need run one time.
How: edit nginx config
For your second question, you can think about ONBUILD in Docker.
ONBUILD COPY nginx.conf /etc/nginx/nginx.conf
With this solution, you can:
edit nginx.conf in local, you can use any exist editor .
needn't build your image every time after you change nginx configuration.
every time, after you change nginx.conf file in local, you need stop, remove and re-run the containe, new nginx.conf file will be deployed into contrainer when docker run command.
You can refer the detail on how to use ONBUILD here: docker build

How to add variable to docker daemon in CentOS?

I want to create registry mirror in docker. I read this tutorial. So,I want to add this variable "--registry-mirror=http://10.0.0.2:5000" to docker daemon when it start.
I have succeeded in mac. I add the line to /var/lib/boot2docker/profile:
EXTRA_ARGS="--registry-mirror=http://192.168.59.103:5555"
It can work after adding in mac. So I do the same thing in CentOS. I use the command in this question:I:
sudo sed -i 's|other_args=|other_args=--registry-mirror=http://<my-docker-mirror-host> |g' /etc/sysconfig/docker
sudo sed -i "s|OPTIONS='|OPTIONS='--registry-mirror=http://<my-docker-mirror-host> |g" /etc/sysconfig/docker
sudo service docker restart
and it makes my "/etc/sysconfig/docker" like below in CentOS, and this is my docker file:
# /etc/sysconfig/docker
#
# Other arguments to pass to the docker daemon process
# These will be parsed by the sysv initscript and appended
# to the arguments list passed to docker -d
OPTIONS=--selinux-enabled -H fd:// -g="/opt/apps/docker"
other_args="--registry-mirror=http://10.11.150.76:5555"
Then, I restart docker using this command:
service docker restart
But, the mirror didn't work in CentOS. I use command:
ps -ef
It did't add the variable to docker daemon. what is wrong?
In the /etc/sysconfig/docker file, change:
OPTIONS=--selinux-enabled -H fd:// -g="/opt/apps/docker"
into:
OPTIONS=--selinux-enabled -H fd:// -g="/opt/apps/docker" --registry-mirror=http://10.11.150.76:5555
I can't help you with other_args, I don't know this option.
If you using yum install docker, you may get a problem with the docker service config file.
Then you need to check your system service config file, see if it using other_args as a parameter to start docker. By default, the service config file should placed at /usr/lib/systemd/system/docker.service, edit it with any editor, check ExecStart part, add other_args to it.
For example, ExecStart=/usr/bin/docker -d --selinux-enabled $other_args

Resources