Following up with my previous post, let me show an example of setting up a container with sshd running by default, under daemontools supervision:

Key commands:

  • update-service from daemontools-run Ubuntu package is used here to add the service directory in /etc/sshd. This is really just a fancy way in Ubuntu to do cd /etc/service && ln -sf /etc/ssh/service sshd which would be done otherwise on other systems.
  • docker ps -l -q is a very useful Docker idiom, so much that I've made and alias of it in my .bashrc as docker last.
  • docker inspect can be used to retrieve external information about the running container, such as its IP address, that can then be used on the host to connect to (like in this example, via ssh.)

You can get this image from the Docker index under zakame/base, default root password is docker. Additionally, I set sshd to not use PAM authentication here as I'm on a Slackware host, and I needed to make /var/run/sshd manually this directory is normally made at startup during init.

Docker and daemontools: best buddies

I've been running docker for quite a while now, as I found it fun to use, and rather easy to deploy even on a Slackware system. It is even better to use it with daemontools, both to supervise the docker process as well as to be an alternative to init inside containers. Here are some notes regarding this kind of usage:

Docker service under daemontools

Docker has a simple server mode called using docker -d, which simply listens to a local socket (typically /var/run/docker.sock) and emits logs to STDOUT. This mode is naturally suitable for running docker under daemontools as a supervise service, so much so that it is almost a no-brainer to configure:

$ cat /service/docker/run
exec 2>&1
exec docker -d

Notice that the docker output is redirected, which can then be collected in a logger subprocess like multilog:

$ cat /service/docker/log/run
exec multilog t ./main

daemontools in Docker containers

Docker containers can be thought of as lightweight virtual machines; some even view it as a better chroot environment with its own networking and namespaces separate from the host system. Thus, one can run init like supervisor services inside these containers, and daemontools is a good choice for such a supervisor:

# docker run -i -t ubuntu /bin/bash
# sed -e 's/main$/main universe' /etc/apt/sources.list > /etc/apt/
# mv /etc/apt/sources.list{.new,}
# apt-get update
# apt-get install daemontools-run
# sh -c 'exec /usr/bin/svscanboot &'
# ps axf
... add daemons, scripts and install them in /etc/service
# exit

Once you've created an image, you can use docker commit with the -run option to add a Cmd that will be run be default when creating container with docker run -d:

# $myservice_id=`docker ps -l -q`
# docker commit -run '{"Cmd": ["/usr/bin/svscanboot"]}' $myservice_id myservice

If you have services listening on ports, be sure to add a PortSpecs key in your docker commit -run invocation with the appropriate ports to be exposed on the container, like this:

# docker commit -run '{"Cmd": ["/usr/bin/svscanboot"], "PortSpecs": ["22", "80"]}' $myservice_id my_ssh_web_container

Once created, you can now run your container with docker run -d:

# docker run -d my_ssh_web_container
# docker inspect `docker ps -l -q` | grep IPAddress
... ssh or browse the IP address found above...