Puppet-Agent running in docker can't manage host systemd services #2467
Comments
@seancharlton can you provide more context about why you're running puppet agents in docker containers? Are you running puppet in a Dockerfile when building the image? Or are you managing the running docker container using puppet?
@joshcooper It's an internal policy with a new batch of systems. Those systems use Fedora CoreOS as their host system and every application on it has to be run in a container. The puppet-agent in the container is used to manage the Fedora CoreOS system itself and all the systemd service files. Since there is a puppet-agent docker image and the documentation mentioned Fedora CoreOS, I believed that all puppet resource types would work out of the box.
Generally speaking, trying to manage the host OS from inside a docker container is going to be an uphill battle and not something we recommend or support, so I'm going to close this. You might be able to get something working, but ultimately you're going to have to work around all of the security layers that docker has to prevent a container from taking over the host OS.
the linked docs page describes how to start/stop containers with their service files, like
Describe the Bug
The puppet-agent (https://hub.docker.com/r/puppet/puppet-agent), running in a docker container, can't manage the host's systemd services like a native puppet-agent can.
I'm running the puppet-agent like the Overview page on Docker Hub:
docker run --rm --privileged --hostname agent -v /tmp:/tmp -v /etc:/etc -v /var:/var -v /usr:/usr -v /lib64:/lib64 puppet/puppet-agent-ubuntu
Hope there is a way to get this working.
Expected Behavior
Puppet-Agent running in container behaves like the native running binary.
Steps to Reproduce
Steps to reproduce the behavior:
docker run --rm --privileged --hostname agent -v /tmp:/tmp -v /etc:/etc -v /var:/var -v /usr:/usr -v /lib64:/lib64 puppet/puppet-agent-ubuntu
docker exec -ti <name_of_container> bash
service { 'chrony':
  ensure   => 'stopped',
  enable   => true,
  provider => 'systemd',
}
puppet apply ./init.pp
...
Notice: Compiled catalog for agent in environment production in 0.01 seconds
Error: /Stage[main]/Main/Service[chrony]: Provider systemd is not functional on this host
Environment
Additional Context
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
Error: /Stage[main]/Main/Service[chrony]: Provider systemd is not functional on this host
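An added diagnostic, not part of the issue or of Puppet's code, that checks the conditions behind the errors quoted above: which process is PID 1 in the current PID namespace, whether the `sd_booted(3)` directory `/run/systemd/system` is visible, and whether a systemd or D-Bus system socket exists under `/run`. The function name and its `ROOT` argument are assumptions of this example.

```sh
#!/bin/sh
# Added diagnostic, not from the issue. Reports which preconditions for
# talking to systemd are missing in the current namespaces. The ROOT
# argument is hypothetical: it prefixes every path so the checks can be
# pointed at a constructed test tree; empty means the real "/".

systemd_preconditions() {
    root="${1:-}"
    rc=0

    # PID 1 as seen from this PID namespace. Inside a container with its
    # own PID namespace this is the entrypoint, not the host's systemd.
    comm=""
    [ -r "$root/proc/1/comm" ] && comm=$(cat "$root/proc/1/comm")
    if [ "$comm" != "systemd" ]; then
        echo "pid1: PID 1 is '${comm:-unknown}', not systemd"
        rc=1
    fi

    # sd_booted(3) test: the directory exists only where systemd is init
    # and its /run is visible. When it is absent, systemctl prints
    # "System has not been booted with systemd as init system (PID 1)".
    if [ ! -d "$root/run/systemd/system" ]; then
        echo "sd_booted: $root/run/systemd/system is missing"
        rc=1
    fi

    # systemctl reaches the manager over a socket under /run; with
    # neither visible there is nothing to connect to.
    if [ ! -e "$root/run/systemd/private" ] &&
       [ ! -e "$root/run/dbus/system_bus_socket" ]; then
        echo "bus: no systemd or D-Bus system socket under $root/run"
        rc=1
    fi

    return "$rc"
}

# Stand-alone use: diagnose the namespace this script is running in.
systemd_preconditions "" || echo "result: systemd is not manageable from here"
```

Each output line names one missing precondition, so the result shows whether the failure comes from the PID namespace, the mount namespace, or both.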