DockerInit » History » Version 4
cryptogopher, 2022-04-28 21:47
| 1 | 1 | cryptogopher | h1. Container @init@ process |
|---|---|---|---|
| 2 | |||
| 3 | To enable running multiple processes, containers require process/service management. This is normally provided by some kind of @init@ task (e.g. provided by @sysvinit@). |
||
| 4 | 2 | cryptogopher | |
| 5 | 4 | cryptogopher | There are Docker-compatible replacements for full-fledged @init@'s. Unfortunately they require either custom init scripts or service configurations (https://wiki.gentoo.org/wiki/Comparison_of_init_systems). The process of migration from system provided OpenRC init scripts is time consuming and error prone. |
| 6 | 2 | cryptogopher | |
| 7 | Usage of system's default @sysvinit@ is hampered by following shortcomings: |
||
| 8 | * it mostly does not respond to Unix signals, which are used by Docker to manage containers (most importantly: signal termination), |
||
| 9 | * it does not stop properly on container stop. Attempt to stop container with @init@ as PID 1 ends with error code 137: |
||
| 10 | <pre> |
||
| 11 | 3 | cryptogopher | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES |
| 12 | b755c0f1b1d8 gentoo-base "/sbin/init" About a minute ago Exited (137) 9 seconds ago gentoo-base |
||
| 13 | 2 | cryptogopher | </pre> |
| 14 | @init@ process remains running afterwards: |
||
| 15 | <pre> |
||
| 16 | # docker-compose top |
||
| 17 | gentoo-base |
||
| 18 | UID PID PPID C STIME TTY TIME CMD |
||
| 19 | ---------------------------------------------------------- |
||
| 20 | root 3510 3489 0 17:40 ? 00:00:00 init [0] |
||
| 21 | </pre> |
||
| 22 | |||
| 23 | 1 | cryptogopher | |
| 24 | 4 | cryptogopher | Nevertheless it is possible to use @sysvinit@ inside Docker container as an @init@ process. Required steps are following: |
| 25 | 3 | cryptogopher | |
| 26 | 1. Change @sysvinit@ to exit @init@ process on hard shutdown (runlevel 0) with following patch: |
||
| 27 | <pre><code class="diff"> |
||
| 28 | --- sysvinit-3.01/src/init.c 2021-12-13 20:21:26.000000000 +0100 |
||
| 29 | +++ sysvinit-3.01/src/init.c 2022-04-18 01:21:47.966751774 +0200 |
||
| 30 | @@ -2367,6 +2367,11 @@ |
||
| 31 | read_inittab(); |
||
| 32 | fail_cancel(); |
||
| 33 | setproctitle("init [%c]", (int)runlevel); |
||
| 34 | + |
||
| 35 | + /* |
||
| 36 | + * Exit on halt - causes Docker container to stop. |
||
| 37 | + */ |
||
| 38 | + if (runlevel == '0') exit(0); |
||
| 39 | } |
||
| 40 | } |
||
| 41 | Write_Runlevel_Log(runlevel); |
||
| 42 | 1 | cryptogopher | </code></pre> |
| 43 | |||
| 44 | 4 | cryptogopher | On Gentoo it's enough to put this patch inside _/etc/portage/patches/sys-apps/sysvinit/exit-on-halt.patch_ and reemerge @sysvinit@. |
| 45 | |||
| 46 | 2. Change Docker signal for container termination to SIGINT and set appropriate action in @inittab@. |
||
| 47 | |||
| 48 | Container's _docker-compose.yml_: |
||
| 49 | <pre> |
||
| 50 | services: |
||
| 51 | gentoo-base: |
||
| 52 | ... |
||
| 53 | stop_signal: SIGINT |
||
| 54 | </pre> |
||
| 55 | |||
| 56 | _/etc/inittab_ inside container - replace reboot action with shutdown: |
||
| 57 | <pre> |
||
| 58 | # What to do at the "Three Finger Salute". |
||
| 59 | ca:12345:ctrlaltdel:/sbin/shutdown -h now |
||
| 60 | </pre> |