不允许 Docker CentOS systemctl [英] Docker CentOS systemctl not permitted

问题描述

我尝试使用 systemctl 命令构建 CentOS 映像.但是每次当我构建它.我收到此错误:

I trying to build a CentOS image with systemctl command. But each time when I build it. I obtain this error :

Step 5/7 : RUN systemctl enable syslog-ng ; systemctl start syslog-ng
 ---> Running in 8f5a357895e7
Failed to get D-Bus connection: Operation not permitted
The command '/bin/sh -c systemctl enable syslog-ng ; systemctl start syslog-ng' returned a non-zero code: 1

我的 Dockerfile:

My Dockerfile :

FROM centos_systemctl:latest 

RUN yum -y update
RUN yum -y install epel-release ; \
    yum -y install vim ; \
    yum -y install wget ; \
    yum -y install rsync ; \
    yum -y groupinstall "Development tools"
# Install syslog-ng 3.14
RUN cd /etc/yum.repos.d/ ; \
    wget https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng314/repo/epel-7/czanik-syslog-ng314-epel-7.repo ; \
    yum -y install syslog-ng
RUN systemctl enable syslog-ng ; systemctl start syslog-ng
RUN yum -y remove rsyslog
# COPY config syslog-ng
CMD ["/usr/sbin/init"]

centos_systemctl:latest 根据这个:https://github.com/docker-library/docs/tree/master/centos#systemd-integration

有人知道我做错了什么吗?

Someone know what I do wrong ?

谢谢，

推荐答案

您应该假设 systemd 和 systemctl 在 Docker 中不起作用，并找到另一种方法来实现您的更高级别目标.最佳实践是只在一个Docker容器中运行一个服务和一个服务，如果需要多个协调服务，则使用多个容器；如果你真的必须在同一个容器中运行多个东西，那么 supervisord 是一个通用的进程管理器.

You should assume systemd and systemctl just don't work in Docker, and find another approach to whatever your higher-level goals are. Best practices are to run one service and one service only in a Docker container, and to use multiple containers if you need multiple coordinating services; if you really must run multiple things in the same container then supervisord is a common process manager.

Docker 中 systemd 的最大问题是它默认想要控制很多东西.看systemd主页上的图:它想做一堆内核级设置、管理文件系统和启动多个服务，所有这些都已经在主机上完成，在 Docker 容器中是不必要的.在 Docker 中运行 systemd 的简单"方法是授予它重新配置主机的权限；您提供的链接采用硬"方式，涉及删除其大部分控制文件.

The biggest problem with systemd in Docker is that it by default wants to control a lot of things. Look at the graphic on the systemd home page: it wants to do a bunch of kernel-level setup, manage filesystems, and launch several services, all of which have already been done on the host and are unnecessary in a Docker container. The "easy" way to run systemd in Docker involves giving it permission to reconfigure your host; the link you provide has a "hard" way that involves deleting most of its control files.

在 Dockerfile 上下文中，还有一个问题，即每个 RUN 行都从一个完全没有运行进程的空白开始.所以你的 systemctl start ... 命令不起作用，因为 systemd init 没有运行；即使这样做了，当 RUN 命令完成时，进程也会消失，服务也不会在下一行运行.

In a Dockerfile context there's also a problem that each RUN line starts from a clean slate with no processes running at all. So your systemctl start ... command doesn't work because the systemd init isn't running; and even if it did, when that RUN command finished, the process would go away and the service wouldn't be running on the next line.

您或许可以找到预构建的 syslog-ng 映像通过在 https://hub.docker.com 上的搜索框中键入syslog"，可以避免这种情况问题.也可以像您一样在 CentOS 基础上安装 syslog-ng，但完全跳过 systemd 并将服务作为映像运行的主要命令运行

You might be able to find a prebuilt syslog-ng image by typing "syslog" into the search box on https://hub.docker.com, which would dodge this issue. It also might work to install syslog-ng on a CentOS base as you do, but skip systemd entirely and just run the service as the primary command the image runs

CMD ["syslog-ng", "-F"]

这篇关于不允许 Docker CentOS systemctl的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！