Hide Forgot
Description of problem: Systemd in container needs /run to be a separate volume or it complains # docker run --rm -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro rhel7 /usr/sbin/init Failed to mount tmpfs at /run: Operation not permitted [!!!!!!] Failed to mount API filesystems, freezing. So in my FreeIPA server Dockerfiles I do VOLUME /run to minimize the number of options that users have to pass docker run (avoid having to specify -v /run). This works but with Docker 1.10, it'd be good to be able to use --tmpfs for that volume. Version-Release number of selected component (if applicable): docker-common-1.9.1-38.el7.x86_64 docker-latest-1.10.3-19.el7.x86_64 How reproducible: Deterministic. Steps to Reproduce: 1. Have Dockerfile: FROM rhel7 VOLUME /run 2. Built image with docker build -t test-tmpfs . 3. Run docker run --rm -ti test-tmpfs true, see it pass. 4. Run docker run --rm -ti --tmpfs /run test-tmpfs true. Actual results: docker: Error response from daemon: Cannot start container 4086ca4dc1a375346d28a12ab34c45448f898614b21c6960f42008fa76e19639: Duplicate mount point '/run'. Expected results: No error, Docker just using tmpfs for the /run volume. Additional info: This is primarily compatibility and upgrade issue. Since it does not seem to be possible to specify the TMPFS in Dockerfile, it needs to be specified as docker run parameter. But it's not available with docker 1.9-, so it has to be optional. It be good if people on docker 1.10+ could take the advantage of --tmpfs, and people with older dockers could just keep using the built-in VOLUME /run definition.
I'm going to reproduce and probably report upstream as well.
can reproduce with 1.12-dev also - I'm going to work on this with upstream since I think --tmpfs should be handled the same as bind mounts (Dan correct me if I'm wrong) assuming "test" has been built with "VOLUME /run": docker run --rm -v /tmp:/run test true <--- this pass docker run --rm --tmpfs /run test true <--- this should pass as well I think the behavior should be the same
I agree.
Alright, I'm already working on it
Discussion and PR upstream: https://github.com/docker/docker/pull/23301
Still in error with docker-latest-1.10.3-40.el7.x86_64: # docker-latest run --rm -ti --tmpfs /run test-tmpfs true docker: Error response from daemon: Cannot start container 4db05f807cafb33fa027792b8be72d241c020536c9e22220d0d8e310c6c33229: Duplicate mount point '/run'. do we need a new build to include it?
This should not have been in modified state - still working on this with upstream
It should be removed from the errata then...
alright, i'll remove it
merged upstream :) Dan, will be going to carry a patch for this in 1.10.3?
Yes we should carry a patch.
In docker-latest-1.10.3-46.el7.8.x86_64, steps per comment#8, move to verified. #docker-latest run --rm -ti --tmpfs /run test-tmpfs true # echo $? 0
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-1447.html