Is systemd within a Docker container still recommended?
Daniel J Walsh
dwalsh at redhat.com
Mon Mar 2 14:17:55 UTC 2015
On 03/01/2015 10:41 PM, Michael DePaulo wrote:
> Hi,
>
> I am developing a Dockerfile for X2Go. I intend to submit a PR to
> fedora-Dockerfiles within a week.
>
> https://github.com/mikedep333/Fedora-Dockerfiles/tree/add-x2go
>
> (X2Go was already added in F20)
> https://fedoraproject.org/wiki/Changes/X2Go
>
> Example Dockerfile with systemd:
> https://github.com/fedora-cloud/Fedora-Dockerfiles/blob/master/systemd/apache/Dockerfile
>
> However, I would like to know if the Fedora project still recommends
> that I use systemd, or if I should resort to using supervisord or a
> shell script.
>
> I merely need to start sshd and x2gocleansessions. Both have systemd
> unit files, but can be run via an init script too.
>
> When I do try systemd, I am experiencing known issues with cgroups and
> with mounting /run, unless I run a privileged container. It has been a
> while since there were any comments on the CLOSED NOTABUG bz on these
> issues.
> https://bugzilla.redhat.com/show_bug.cgi?id=1033604
>
> -Mike
We are continuing to work on making running systemd within a container
better.
I am trying to get a /run on tmpfs patch to be acceptable upstream. But
we still
have a problem with systemd requiring /sys/fs/cgroup to be mounted
inside the container
to run. Which allows for an information leak.
More information about the devel
mailing list