|Summary:||/run mounted as tmpfs in container and causes changes in the directory to not be persistent|
|Product:||Red Hat Enterprise Linux 7||Reporter:||Chen Chang <cchang>|
|Component:||docker||Assignee:||Daniel Walsh <dwalsh>|
|Status:||CLOSED NOTABUG||QA Contact:||Virtualization Bugs <virt-bugs>|
|Version:||7.1||CC:||ablum, cchang, cpelland, ghacker, sbonnevi, sct|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2015-02-20 19:02:53 UTC||Type:||Bug|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description Chen Chang 2015-02-20 06:24:51 UTC
Comment 1 Steve Bonneville 2015-02-20 14:53:44 UTC
Since /run is mounted as tmpfs in regular RHEL 7, that's really weird that the httpd package owns files in there and is installing files in there. I'm noticing that rpm -ql reports httpd owns /run/httpd and /run/httpd/htcacheclean. I think you're right, there must be startup scripts that make sure those files are recreated properly in a traditional environment that aren't run in a container.
Comment 2 Andrew Blum 2015-02-20 16:26:17 UTC
I agree this is an issue we need some help with. Running the httpd container like the following isn't a good workaround [although this works]: -bash-4.2# docker run -d -p 8080:80 rht-training:rhel7_httpd /bin/bash -c "mkdir /run/httpd; httpd -D FOREGROUND" Also to note that containers built on older atomic versions [pre docker-1.4], don't have any issues running on the latest atomic build [2015-02-19 20:26:26 5799825b36]...but they also don't have tmpfs mounted /run either: -bash-4.2# docker exec -it 77f0c3c187f0 df -h /run Filesystem Size Used Avail Use% Mounted on /dev/mapper/docker-253:1-16842786-77f0c3c187f0d969807bd235f58749150ddb35d91186863e3dc8dd137c01021c 10G 303M 9.7G 3% /
Comment 4 Stephen Tweedie 2015-02-20 16:56:26 UTC
/run is non-persistent on RHEL and Fedora too, this isn't container-specific. In httpd's case, these files are created on boot via /usr/lib/tmpfiles.d/httpd.conf which causes the appropriate /run/httpd and /run/httpd/htcacheclean directories to be created at each boot. A container start script for httpd will need to replicate this action.
Comment 5 Andrew Blum 2015-02-20 17:21:38 UTC
Ok. based on Stephen's comments and a quick chat on irc...I think this will need to be the httpd "hello world": FROM https://github.com/fedora-cloud/Fedora-Dockerfiles/tree/master/apache -bash-4.2# docker run -it registry.access.redhat.com/rhel7 /bin/bash bash-4.2# yum install httpd -y bash-4.2# echo kc5 > /var/www/html/index.html Create startup script: ---------------------- bash-4.2# vi /usr/bin/my_httpd_startup.bash #!/bin/bash # Make sure we're not confused by old, incompletely-shutdown httpd # context after restarting the container. httpd won't start correctly # if it thinks it is already running. rm -rf /run/httpd/* # need to create directories per /usr/lib/tmpfiles.d/httpd.conf ## d /run/httpd 710 root apache ## d /run/httpd/htcacheclean 700 apache apache mkdir -p /run/httpd/htcacheclean chmod 710 /run/httpd chmod 700 /run/httpd/htcacheclean chown root:apache /run/httpd chown apache:apache /run/httpd/htcacheclean exec /usr/sbin/apachectl -D FOREGROUND -------------------- bash-4.2# chmod 755 /usr/bin/my_httpd_startup.bash -bash-4.2# docker run -p 8080:80 -d mytest /usr/bin/my_httpd_startup.bash 8518f03a28782745c4148667b1a936e7a052284231bde4c16d82b4ce3a0d0f72 -bash-4.2# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8518f03a2878 mytest:latest "/usr/bin/my_httpd_s 3 seconds ago Up 2 seconds 0.0.0.0:8080->80/tcp goofy_tesla -bash-4.2# curl localhost:8080 kc5 -bash-4.2# docker stop 8518f03a2878 8518f03a2878 NOTE: docker stop will now take 10 sec, the default time before docker sends the sigkill since our wrapper script can't handle the sigterm.
Comment 6 Daniel Walsh 2015-02-20 19:02:53 UTC
You could also work with systemd in the container. If you build an image using a docker file, this should work correctly also. The /run patch will copy the content under /run on the image to /run on the image.