Bug 1286787 - docker should create /etc/machine-id
docker should create /etc/machine-id
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: docker (Show other bugs)
7.2
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Daniel Walsh
atomic-bugs@redhat.com
: Extras
Depends On:
Blocks: 1286812
  Show dependency treegraph
 
Reported: 2015-11-30 13:01 EST by Frantisek Kluknavsky
Modified: 2016-06-23 12:17 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1285805
Environment:
Last Closed: 2016-06-23 12:17:42 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Comment 1 Daniel Walsh 2015-12-01 17:30:28 EST
We are looking at handling this using a different mechanism.

https://github.com/docker/docker/pull/17021

Which would allow us to ship hooks which could register the container with systemd.


https://github.com/sallyom/Register

This will registermachine all containers.


https://github.com/mrunalp/hooks
This will configue systemd based containers to be able to run in a non privileged container.
Comment 2 Daniel Walsh 2015-12-01 17:31:04 EST
This functionality should be in docker-1.10 from us and hopefully hooks patch will get accepted upstream.
Comment 3 Daniel Walsh 2015-12-18 15:11:12 EST
Hooks patch was closed upstream, but we will continue to carry it.
Comment 4 Daniel Walsh 2016-02-22 16:22:02 EST
https://github.com/projectatomic/oci-systemd-hook 

Handles this for now, need to complete packaging of this for Fedora and then ship it in RHEL.
Comment 5 Daniel Walsh 2016-02-22 16:22:02 EST
https://github.com/projectatomic/oci-systemd-hook 

Handles this for now, need to complete packaging of this for Fedora and then ship it in RHEL.
Comment 6 Daniel Walsh 2016-06-03 09:29:06 EDT
Fixed in docker-1.10
Comment 7 Jan Pazdziora 2016-06-07 12:39:28 EDT
Whoa, it's magic of all magics with unicorns.

I confirm that without oci-systemd-hook installed, I get

# docker run --rm -ti rhel7.2 /usr/sbin/init
Failed to mount tmpfs at /run: Operation not permitted
[!!!!!!] Failed to mount API filesystems, freezing.

When I install oci-systemd-hook-1.10.3-31.el7.x86_64, running the same command yields

systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Detected virtualization docker.
Detected architecture x86-64.

Welcome to Red Hat Enterprise Linux Server 7.2 (Maipo)!

Set hostname to <461aeee99967>.
[  OK  ] Reached target Encrypted Volumes.
[  OK  ] Reached target Remote File Systems.
[  OK  ] Reached target Swap.
[  OK  ] Reached target Paths.
[  OK  ] Created slice Root Slice.
[  OK  ] Created slice System Slice.
[  OK  ] Created slice system-getty.slice.
[  OK  ] Created slice User and Session Slice.
[  OK  ] Listening on /dev/initctl Compatibility Named Pipe.
[  OK  ] Listening on Journal Socket.
         Starting Rebuild Dynamic Linker Cache...
         Starting Load/Save Random Seed...
[  OK  ] Reached target Local File Systems (Pre).
[  OK  ] Reached target Local File Systems.
         Starting Rebuild Journal Catalog...
         Starting Rebuild Hardware Database...
         Starting Journal Service...
[  OK  ] Reached target Slices.
[  OK  ] Listening on Delayed Shutdown Socket.
[  OK  ] Started Load/Save Random Seed.
[  OK  ] Started Journal Service.
[  OK  ] Started Rebuild Journal Catalog.
         Starting Flush Journal to Persistent Storage...
[  OK  ] Started Flush Journal to Persistent Storage.
         Starting Create Volatile Files and Directories...
[  OK  ] Started Create Volatile Files and Directories.
         Starting Update UTMP about System Boot/Shutdown...
[  OK  ] Started Update UTMP about System Boot/Shutdown.
[  OK  ] Started Rebuild Dynamic Linker Cache.
[  OK  ] Started Rebuild Hardware Database.
         Starting Update is Completed...
[  OK  ] Started Update is Completed.
[  OK  ] Reached target System Initialization.
[  OK  ] Reached target Timers.
[  OK  ] Listening on D-Bus System Message Bus Socket.
[  OK  ] Reached target Sockets.
[  OK  ] Reached target Basic System.
[  OK  ] Started D-Bus System Message Bus.
         Starting D-Bus System Message Bus...
         Starting Permit User Sessions...
         Starting Login Service...
         Starting Cleanup of Temporary Directories...
[  OK  ] Started Cleanup of Temporary Directories.
[  OK  ] Started Permit User Sessions.
[  OK  ] Started Console Getty.
         Starting Console Getty...
[  OK  ] Reached target Login Prompts.
[  OK  ] Started Login Service.
[  OK  ] Reached target Multi-User System.
         Starting Update UTMP about System Runlevel Changes...
[  OK  ] Started Update UTMP about System Runlevel Changes.

Red Hat Enterprise Linux Server 7.2 (Maipo)
Kernel 3.10.0-327.el7.x86_64 on an x86_64

461aeee99967 login: 


and
# docker exec -ti 461aeee99967 systemctl get-default
multi-user.target
Comment 8 Jan Pazdziora 2016-06-07 12:41:12 EDT
On the other hand, on Fedora 23 with docker-1.10.3-24.gitf476348.fc23.x86_64 installed from updates-testing, I don't see oci-systemd-hook available:

# dnf install oci-systemd-hook
Last metadata expiration check: 2:27:38 ago on Tue Jun  7 10:13:21 2016.
No package oci-systemd-hook available.
Comment 9 Daniel Walsh 2016-06-07 14:24:04 EDT
We have not released oci* tools to anything newer the fedora 24.
Comment 11 Luwen Su 2016-06-11 13:06:34 EDT
In 
docker-1.10.3-40.el7.x86_64
oci-register-machine-1.10.3-40.el7.x86_64
oci-systemd-hook-1.10.3-40.el7.x86_64

# docker run --name systemd1 -t -v /sys/fs/cgroup:/sys/fs/cgroup:ro fedora /usr/sbin/init

# docker exec -ti systemd1 systemctl get-default
multi-user.target
Comment 12 Daniel Walsh 2016-06-12 07:01:10 EDT
BTW
The following should not longer be necessary.
-v /sys/fs/cgroup:/sys/fs/cgroup:ro
Comment 14 errata-xmlrpc 2016-06-23 12:17:42 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1274

Note You need to log in before you can comment on or make changes to this bug.