Open adhuri opened 7 years ago
I am trying to build a runc container for MariaDB by following the steps below (With sudo):
{
"ociVersion": "1.0.0",
"process": {
"terminal": true,
"user": {},
"args": [
"bash"
],
"env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"TERM=xterm"
],
"cwd": "/",
"capabilities": {
"bounding": [
"CAP_AUDIT_WRITE",
"CAP_KILL",
"CAP_NET_BIND_SERVICE",
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"effective": [
"CAP_AUDIT_WRITE",
"CAP_KILL",
"CAP_NET_BIND_SERVICE",
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"inheritable": [
"CAP_AUDIT_WRITE",
"CAP_KILL",
"CAP_NET_BIND_SERVICE",
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"permitted": [
"CAP_AUDIT_WRITE",
"CAP_KILL",
"CAP_NET_BIND_SERVICE",
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"ambient": [
"CAP_AUDIT_WRITE",
"CAP_KILL",
"CAP_NET_BIND_SERVICE",
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
]
},
"rlimits": [
{
"type": "RLIMIT_NOFILE",
"hard": 1024,
"soft": 1024
}
],
"noNewPrivileges": true
},
"root": {
"path": "rootfs",
"readonly": false
},
"hostname": "runc",
"mounts": [
{
"destination": "/proc",
"type": "proc",
"source": "proc"
},
{
"type": "bind",
"source": "/etc/resolv.conf",
"destination": "/etc/resolv.conf",
"options": [
"rbind",
"ro"
]
},
{
"destination": "/dev",
"type": "tmpfs",
"source": "tmpfs",
"options": [
"nosuid",
"strictatime",
"mode=755",
"size=65536k"
]
},
{
"destination": "/dev/pts",
"type": "devpts",
"source": "devpts",
"options": [
"nosuid",
"noexec",
"newinstance",
"ptmxmode=0666",
"mode=0620"
]
},
{
"destination": "/dev/shm",
"type": "tmpfs",
"source": "shm",
"options": [
"nosuid",
"noexec",
"nodev",
"mode=1777",
"size=65536k"
]
},
{
"destination": "/dev/mqueue",
"type": "mqueue",
"source": "mqueue",
"options": [
"nosuid",
"noexec",
"nodev"
]
},
{
"destination": "/sys",
"type": "sysfs",
"source": "sysfs",
"options": [
"nosuid",
"noexec",
"nodev"
]
},
{
"destination": "/sys/fs/cgroup",
"type": "cgroup",
"source": "cgroup",
"options": [
"nosuid",
"noexec",
"nodev",
"relatime"
]
}
],
"linux": {
"resources": {
"devices": [
{
"allow": false,
"access": "rwm"
}
]
},
"namespaces": [
{
"type": "pid"
},
{
"type": "ipc"
},
{
"type": "uts"
},
{
"type": "mount"
}
],
"maskedPaths": [
"/proc/kcore",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/sys/firmware",
"/proc/scsi"
],
"readonlyPaths": [
"/proc/asound",
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
}
}
I am unable to start the mysql server using the command: $service mysql start
Setting the args in config.json to mysqld doesn't work either.
Can you please share the config.json that you speak of creating after handpicking from the output of docker inspect?
Other things I've tried: Create a debian:slim runc container and install mariadb within. It has way to many issues. (Clearly due to my lack of understanding of how containers are supposed to work,) Currently failing to install due to the error "invoke.rc.d unable to determine runlevel"
since the config.json is configured by us
We can follow two ways - a) create config.json specifically for mysql using docker inspect of a running docker container and then manually finding the relevant tags b) create a script automatically does this process for any docker container.
Following a) as of now for this v1.0
For mysql -
Started mysql server
docker run --name my-container-name -e MYSQL_ROOT_PASSWORD=password -d mysql/mysql-server:latest
Executing mysql client
docker exec -it my-container-name mysql -uroot -p
Docker inspect
docker inspect containerid
Dockerinspect output -[{ "AppArmorProfile": "", "Args": [ "mysqld" ], "Config": { "AttachStderr": false, "AttachStdin": false, "AttachStdout": false, "Cmd": [ "mysqld" ], "CpuShares": 0, "Cpuset": "", "Domainname": "", "Entrypoint": [ "/entrypoint.sh" ], "Env": [ "MYSQL_ROOT_PASSWORD=my-secret-pw", "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "PACKAGE_URL=https://repo.mysql.com/yum/mysql-5.7-community/docker/x86_64/mysql-community-server-minimal-5.7.17-1.el7.x86_64.rpm" ], "ExposedPorts": { "3306/tcp": {}, "33060/tcp": {} }, "Hostname": "a0e7ac5f5f89", "Image": "mysql/mysql-server:latest", "Labels": {}, "MacAddress": "", "Memory": 0, "MemorySwap": 0, "NetworkDisabled": false, "OnBuild": null, "OpenStdin": false, "PortSpecs": null, "StdinOnce": false, "Tty": false, "User": "", "Volumes": { "/var/lib/mysql": {} }, "WorkingDir": "" }, "Created": "2017-02-11T18:40:08.07245949Z", "Driver": "aufs", "ExecDriver": "native-0.2", "ExecIDs": [ "3655827d05a4f60dc940ff3b59376b514676930496b8047a86771e4dcb74b939" ], "HostConfig": { "Binds": null, "CapAdd": null, "CapDrop": null, "CgroupParent": "", "ContainerIDFile": "", "CpuShares": 0, "CpusetCpus": "", "Devices": [], "Dns": null, "DnsSearch": null, "ExtraHosts": null, "IpcMode": "", "Links": null, "LogConfig": { "Config": null, "Type": "json-file" }, "LxcConf": [], "Memory": 0, "MemorySwap": 0, "NetworkMode": "bridge", "PidMode": "", "PortBindings": {}, "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "RestartPolicy": { "MaximumRetryCount": 0, "Name": "no" }, "SecurityOpt": null, "Ulimits": null, "VolumesFrom": null }, "HostnamePath": "/var/lib/docker/containers/a0e7ac5f5f893eecc6d18a4475712c1bd019ffbb9a063639566bc78d480bb085/hostname", "HostsPath": "/var/lib/docker/containers/a0e7ac5f5f893eecc6d18a4475712c1bd019ffbb9a063639566bc78d480bb085/hosts", "Id": "a0e7ac5f5f893eecc6d18a4475712c1bd019ffbb9a063639566bc78d480bb085", "Image": "812beaae7f7fe676897ff404c25a45d4e309a6673c1ab1c8a81e0b7aeea7e645", "LogPath": "/var/lib/docker/containers/a0e7ac5f5f893eecc6d18a4475712c1bd019ffbb9a063639566bc78d480bb085/a0e7ac5f5f893eecc6d18a4475712c1bd019ffbb9a063639566bc78d480bb085-json.log", "MountLabel": "", "Name": "/my-container-name", "NetworkSettings": { "Bridge": "docker0", "Gateway": "172.17.42.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "172.17.0.5", "IPPrefixLen": 16, "IPv6Gateway": "", "LinkLocalIPv6Address": "fe80::42:acff:fe11:5", "LinkLocalIPv6PrefixLen": 64, "MacAddress": "02:42:ac:11:00:05", "PortMapping": null, "Ports": { "3306/tcp": null, "33060/tcp": null } }, "Path": "/entrypoint.sh", "ProcessLabel": "", "ResolvConfPath": "/var/lib/docker/containers/a0e7ac5f5f893eecc6d18a4475712c1bd019ffbb9a063639566bc78d480bb085/resolv.conf", "RestartCount": 0, "State": { "Dead": false, "Error": "", "ExitCode": 0, "FinishedAt": "0001-01-01T00:00:00Z", "OOMKilled": false, "Paused": false, "Pid": 16469, "Restarting": false, "Running": true, "StartedAt": "2017-02-11T18:40:08.186503873Z" }, "Volumes": { "/var/lib/mysql": "/var/lib/docker/vfs/dir/bf186d11e7c149d5b956831e10f66e696e48d9f5e3f8a0298317cd97d4d79766" }, "VolumesRW": { "/var/lib/mysql": true } } ]