Saturday, June 3, 2017

Systemd "init" Launch from Container Bash!

While running Systemd inside Container, for Tomcat (or any other application which runs in Daemon mode), "/usr/sbin/init" needs to be initiated at the start of Container. Following points are note to myself.

While running "init" directly from Dockerfile CMD like this https://github.com/subodhp/CI-CD-Jenkins-Docker-Github/blob/master/Dockerfile, I didn't need any extra caution. The CMD initiated the "init" & Tomcat started as part of the "init" call. 

Furthermore, due to some reason, I had to debug the Tomcat while it was running in daemon mode & I launched the container then I attached to bash as "docker run -it <<image name>> bash" & tried to ran "/usr/sbin/init" from bash shell, I got following error. 
[root@localhost ~]# docker run --privileged -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 8083:8080 f09654808312 bash
[root@dd5d03414efb /]# /usr/sbin/init
Couldn't find an alternative telinit implementation to spawn.
[root@dd5d03414efb /]# 
The key was to run like below -
[root@localhost ~]# docker run --privileged -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 8083:8080 f09654808312 bash
[root@f0d29a9698c9 /]# exec /usr/sbin/init 
systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Detected virtualization docker.
Detected architecture x86-64.

Welcome to CentOS Linux 7 (Core)!

Set hostname to <f0d29a9698c9>.
[  OK  ] Reached target Local File Systems.
[  OK  ] Reached target Swap.
[  OK  ] Reached target Paths.
[  OK  ] Created slice Root Slice.
[  OK  ] Created slice System Slice.
[  OK  ] Listening on Journal Socket.
         Starting Create Volatile Files and Directories...
[  OK  ] Reached target Slices.
[  OK  ] Listening on Delayed Shutdown Socket.
         Starting Journal Service...
[  OK  ] Started Journal Service.
[  OK  ] Started Create Volatile Files and Directories.
[ INFO ] Update UTMP about System Boot/Shutdown is not active.
[DEPEND] Dependency failed for Update UTMP about System Runlevel Changes.
[  OK  ] Reached target System Initialization.
[  OK  ] Reached target Timers.
[  OK  ] Listening on D-Bus System Message Bus Socket.
[  OK  ] Reached target Sockets.
[  OK  ] Reached target Basic System.
[  OK  ] Started Apache Tomcat Web Application Container.
         Starting Apache Tomcat Web Application Container...
[  OK  ] Reached target Multi-User System.
Notice the "exec", it allowed the on-going bash shell to be replaced by init process and Apache Tomcat was started. Strangely, Ctrl^C didn't worked after this & the only way to stop that container was to login into another terminal and do "docker stop" from there. There must be an explanation for this, I will find that out later on when I have some more time. But for now, atleast I was able to  "docker exec" from another terminal to above running container and continue my debugging on Tomcat daemon.

Cheers!

Friday, June 2, 2017

Risk Assessment!

Sometimes, I think that in the world of Finance, Risk Assessment is a euphemistic enabler to take more Risks than Risk Mitigation or Avoidance of undertakings.