When I in a fedora container systemctl use, I get:
Failed to get D-Bus connection:: Unknown error -1
Does someone know how to fix this? Or can systemctl not be used in a docker container?
The systemctl command talks to systemd over a DBus connection. It is unlikely that you are running systemd in your container, so systemctl has nothing with which to talk.
While it is possible to run systemd in a container, doing so is often (but not always!) a sign that you need to rethink the architecture of your containers.
I have fixed a similar issue, check this answer.
The main idea is to make /usr/sbin/init the first process inside the container.
As already said, the standard systemctl needs SystemD. But for a command like "systemctl enable " or starting a service process one actually do that without a running SystemD.
The "systemctl enable" will essentially look into the sshd.service file for a "WantedBy=multi-user.target" clause and then it creates a symlink in /etc/systemd/system/multi-user.target.wants/. Similary, a "systemctl start" will look for the "ExecStart=/usr/bin/sshd" clause in the ssh.service file.
If you do not want look that up and run those parts manually, you could use my systemctl.py helper from the docker-systemctl-replacement which can do the interpretation of systemd service files for you.
Related
I am trying to configure auditing for docker daemon as follows:
Add the line below to the /etc/audit/audit.rules file:
-w /usr/bin/dockerd -k docker
Then, restart the audit daemon using the following command:
service auditd restart
This gives the following error:
Failed to restart auditd.service: Operation refused, unit auditd.service may be requested by dependency only.
Using systemctl also doesn't work. Is there a workaround or a fix for this?
Updating RefuseManualStop to no in the /usr/lib/systemd/system/auditd.service
RefuseManualStop=no
Then reload the daemon as follows:
systemctl daemon-reload
Probably 2 years too late but for anyone facing the same on redhat 7. Run;
service auditd condrestart|try-restart
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-starting_the_audit_service
Found a solution here. The method to use is
sudo systemctl kill auditd
sudo systemctl start auditd
I'm new in Dart lang, also new in API services on linux.
My question is, how to I keep the Dart service active in linux?
And how can I do it to recycle if I have a problem with the service?
I need to run in crontab?
You can create a systemd service for you Aqueduct and enable it to run automatically when you server are started. There are a lot of options for systemd service but I have tried to make an example for you with you requirements:
[Unit]
Description=Dart Web Server
Wants=network-online.target
After=network-online.target
[Service]
Restart=always
ExecStart=/opt/dart-sdk/bin/dart bin/main.dart
WorkingDirectory=/tmp/web/my_project
User=webserver_user
[Install]
WantedBy=multi-user.target
Save this as /etc/systemd/system/name_of_your_service.service
Run hereafter the following commands:
systemctl daemon-reload
This will ensure the latest changes to you available services are loaded into systemd.
systemctl start name_of_your_service.service
This will start you service. You can stop it with "stop" and restart it with "restart".
systemctl enable name_of_your_service.service
This will enable the service so it will start after boot. You can also "disable" it.
Another good command is status command where you can see some information about your service (e.g. is it running?) and some of the latest log events (from stdout):
systemctl status name_of_your_service.service
Let me go through the settings I have specified:
"Wants"/"After" ensures that the service are first started after a network connection has been established (mostly relevant for when the service should start under the boot sequence).
"Restart" specifies what should happen if the dart process are stopped without using "systemctl stop". With "always" the service are restarted no matter how the program was terminated.
"ExecStart" the program which we want to keep running.
"User" is the user your want the service to run as.
The "WantedBy" part are relevant for the "systemctl enable" part and specifies when the service should be started. Use multi-user.target here unless you have some specific requirements.
Again, there are lot of options for systemd services and you should also check out journalctl if you want to see stdout log output for you service.
I pulled centos6 image and made a container from it. I got its bash by:
$ docker run -i -t centos:centos6 /bin/bash
On the centos6 container, I could use "service" command without any problem. But when I pulled&used centos7 image:
$ docker run -i -t centos:centos7 /bin/bash
Both of "service" and "systemctl" didn't work. The error message is:
Failed to get D-Bus connection: Operation not permitted
My question is:
1. How are people developing without "service" and "systemctl" commands?
2. If I want to use, for example, httpd.service on the centos7 container, what should I do? Or maybe running services on a container is not recommended?
There is no process supervisor running inside either container. The service command in your CentOS 6 container works by virtue of the fact that it just runs a script from /etc/init.d, which by design ultimately launch a command in the background and return control to you.
CentOS 7 uses systemd, and systemd is not running inside your container, so there is nothing for systemctl to talk to.
In either situation, using the service or systemctl command is generally the wrong thing to do: you want to run a single application, and you want to run it in the foreground, so that your container continues to run (from Docker's perspective, a command that goes into the background has exited, and if that was pid 1 in the container, the container will exit).
How are people developing without "service" and "systemctl" commands?
They are starting their programs directly, by consulting the necessary documentation to figure out the appropriate command line.
If I want to use, for example, httpd.service on the centos7 container, what should I do? Or maybe running services on a container is recommended?
You would start the httpd binary using something like:
CMD ["httpd", "-DFOREGROUND"]
If you like to stick with service/sytemctl commands to start/stop services then you can do that in a centos7 container by using the docker-systemctl-replacement script.
I had some deployment scripts that were using th service start/stop commands on a real machine - and they work fine with a container. Without any further modification. When putting the systemctl.py script into the CMD then it will simply start all enabled services somewhat like the init-process on a real machine.
systemd is included but not enabled by default in CentOS 7 docker image. It is mentioned on the repository page along with steps to enable it.
https://hub.docker.com/_/centos/
I get following error when starting Docker daemon from command line:
Error starting daemon: error while opening volume store metadata database: timeout
OS is Linux.
Any pointer how can I resolve this?
(Google search didn't yield anything)
It depends on your exact Linux distro, and docker version.
See for instance issue 26022: it has the same error message on Fedora after a
yum -y install docker-engine-1.13.1-1.el7.centos
Try and follow again the full installation procedure for your exact distro.
After investigating a lot and trying many commands, this has worked for me:
*Do not use '&&' to make the most compact command or otherwise it will not work.
sudo rm /var/run/docker.pid
sudo systemctl stop docker.socket
sudo systemctl stop docker
systemctl start docker
systemctl enable docker
sudo systemctl start docker
If this error appears ( running $ docker [command] ):
Cannot connect to the Docker daemon at unix:///home/mg/.docker/desktop/docker.sock. Is the docker daemon running?
The first thing you should do is to have Docker Desktop installed on your pc, of which you can get here https://docs.docker.com/desktop/windows/wsl/
You should also enable wsl2, Just going through the documentation from the link above should be enough.
Also make sure Settings > General > Use the WSL 2 based engine... box is checked.
REFERENCE https://stackoverflow.com/a/72890783/21061651
Running service docker start presents:
Job for docker.service failed. See 'systemctl status docker.service' and 'journalctl -xn' for details.
Both of those yield this error:
Failed to start Docker Application Container Engine.
I do not have internet access on this machine, and all the similar issues were resolved with a "yum reinstall docker" or "yum install device-mapper-event-libs" or "yum install docker-selinux". I've tried commenting out selinux under docker options but nothing changes.
What can I do? Should I download docker-selinux for my architecture and transfer it over and manually install?
Thanks for any help.
Edit: Adding some information, this is CentOS 7 Atomic Host & Docker version 1.71
In my case I tried to create a conf file, /etc/systemd/system/docker.service.d/hosts.conf with extra options but still didn't work. Finally, a reboot started docker service without any issues.
Hope this helps someone.