I have a situation where I need to start some services within this jenkins container to make it work in our project. So i need Systemd enabled in order to do that...
As of now I get the below error when I try to run "systemctl" command within this container:
Failed to get D-Bus connection: Operation not permitted
Which is expected. Now on my research, I found that if we use the below docker file to create an image and then run a container, we should be able to run systemctl commands:
FROM docker.io/openshift/jenkins-1-centos7
MAINTAINER "you" your@email.here
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in ; do [ $i ==systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/;\
rm -f /etc/systemd/system/.wants/;\
rm -f /lib/systemd/system/local-fs.target.wants/; \
rm -f /lib/systemd/system/sockets.target.wants/udev; \
rm -f /lib/systemd/system/sockets.target.wants/initctl; \
rm -f /lib/systemd/system/basic.target.wants/;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]
I got the below error
/bin/sh: line 0: [: cryptsetup.target: unary operator expected
rm: cannot remove 'cryptsetup.target': Permission denied
/bin/sh: line 0: [: dev-hugepages.mount: unary operator expected
rm: cannot remove 'dev-hugepages.mount': Permission denied
/bin/sh: line 0: [: dev-mqueue.mount: unary operator expected
rm: cannot remove 'dev-mqueue.mount': Permission denied
...
I am using the root user to run the command.
Although, if I replace the source image to normal centos image
FROM centos:7
The systemd for this newly created image (based on centos) works fine.
Is there a reason for this error? or I can't create a systemd type image on top of given jenkins-1-centos7 image?
EDIT: ok, so an expert helped me understand that "by default in a Dockerfile you run commands as root until you explicity change users with the USER directive. However, since you are building on an image that has already made that change I believe you are running commands as the Jenkins user and not as the root user. If you explicitly switch back to root then you can run the commands."
So the new file looks something like this:
FROM docker.io/openshift/jenkins-1-centos7
MAINTAINER "you" your@email.here
#ENV container docker
USER root
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in ; do [ $i ==systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -rf /lib/systemd/system/multi-user.target.wants/;\
rm -rf /etc/systemd/system/.wants/;\
rm -rf /lib/systemd/system/local-fs.target.wants/; \
rm -rf /lib/systemd/system/sockets.target.wants/udev; \
rm -rf /lib/systemd/system/sockets.target.wants/initctl; \
rm -rf /lib/systemd/system/basic.target.wants/;\
rm -rf /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]
It works!! But now, the jenkins service doesn't start back giving the below error: bash-4.2# systemctl status jenkins.service ● jenkins.service - LSB: Jenkins Continuous Integration Server Loaded: loaded (/etc/rc.d/init.d/jenkins) Active: failed (Result: exit-code) since Tue 2016-10-18 19:45:17 UTC; 5s ago Docs: man:systemd-sysv-generator(8) Process: 95 ExecStart=/etc/rc.d/init.d/jenkins start (code=exited, status=1/FAILURE)
Oct 18 19:45:17 578908315d82 systemd[1]: Starting LSB: Jenkins Continuous Integration Server...
Oct 18 19:45:17 578908315d82 jenkins[95]: /etc/rc.d/init.d/jenkins: line 51: /etc/init.d/functions: No such file or directory
Oct 18 19:45:17 578908315d82 systemd[1]: jenkins.service: control process exited, code=exited status=1
Oct 18 19:45:17 578908315d82 systemd[1]: Failed to start LSB: Jenkins Continuous Integration Server.
Oct 18 19:45:17 578908315d82 systemd[1]: Unit jenkins.service entered failed state.
Oct 18 19:45:17 578908315d82 systemd[1]: jenkins.service failed.
Currently still researching on this...
EDIT2: So I solved the issue sometime back, because I decided to use a separate container for running everything else, and this jenkins container was untouched as it is...