github.com/darmach/terratest@v0.34.8-0.20210517103231-80931f95e3ff/test-docker-images/gruntwork-centos-test/README.md (about)

# Gruntwork CentOS-Test Docker Image

The purpose of this Docker image is to provide a pre-built CentOS 7 Docker image that has most of the libraries
we would expect to be installed on the CentOS 7 AMI that would run in AWS. For example, we'd expect `sudo` in AWS, but it
doesn't exist by default in Docker `centos:7`. It also aims to allow [systemd](https://www.freedesktop.org/wiki/Software/systemd/)
to run, which, in turn, allows you to run one or more services as [systemd units](https://www.freedesktop.org/software/systemd/man/systemd.unit.html).

### Building and Pushing a New Docker Image to Docker Hub

This Docker image should be publicly accessible via Docker Hub at https://hub.docker.com/r/gruntwork/centos-test/. To build and
upload it:

1. `docker build -t gruntwork/centos-test:7 .`
1. `docker push gruntwork/centos-test:7`

### Running this Docker Image

Running systemd requires elevated privileges for the Docker container, so you should run this Docker image with at least
the following options:

```
docker run -d --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro gruntwork/centos-test:7
```

Note that:

- We do not specify a run command like `/bin/bash` because we need to retain the Docker image's default run command of
  `/usr/sbin/init`. This makes systemd Process ID 1, which allows it to spawn an arbitrary number of other services.
- You can then connect to the Docker container with `docker exec -it <container-id> /bin/bash`.
- The container must be run with `--privileged` because it needs to break out of the typical
  [cgroups](https://docs.docker.com/engine/docker-overview/#the-underlying-technology) to run an init system like systemd.
- You must "hook in" to a Linux host's cgroups to allow each service to run in its own cgroup. This works even on Docker
  for Mac and Docker for Windows because those systems still use a Linux VM to run the Docker engine and do not expose
  the entire host system (e.g. your Mac laptop) for docker volume mounting.
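
One way to confirm that a running container was started the way the notes above require is to check its `docker inspect` output for the three conditions: `/usr/sbin/init` as the command, `--privileged`, and the host cgroup mount kept read-only. This is an added example, not part of the original README or the Gruntwork project; the function names and the sample JSON are constructed for illustration.

```python
import json

# Constructed sample: trimmed `docker inspect` output for two containers;
# only the fields the checks read are kept. The Ids are made up.
SAMPLE_INSPECT = json.dumps([
    {"Id": "aaa111", "Path": "/usr/sbin/init", "Args": [],
     "HostConfig": {"Privileged": True},
     "Mounts": [{"Type": "bind", "Source": "/sys/fs/cgroup",
                 "Destination": "/sys/fs/cgroup", "RW": False}]},
    {"Id": "bbb222", "Path": "/bin/bash", "Args": [],
     "HostConfig": {"Privileged": True},
     "Mounts": [{"Type": "bind", "Source": "/sys/fs/cgroup",
                 "Destination": "/sys/fs/cgroup", "RW": True}]},
])

CGROUP_PATH = "/sys/fs/cgroup"


def check_container(c):
    """Return a list of findings for one `docker inspect` container object."""
    findings = []
    # systemd must be PID 1, so the image's default command must not be overridden.
    if c.get("Path") != "/usr/sbin/init":
        findings.append("command is %r, not /usr/sbin/init" % c.get("Path"))
    # The README requires --privileged for systemd to start.
    if not c.get("HostConfig", {}).get("Privileged", False):
        findings.append("container is not --privileged")
    # The host cgroup hierarchy must be mounted, and read-only (:ro).
    mounts = [m for m in c.get("Mounts") or []
              if m.get("Destination") == CGROUP_PATH]
    if not any(m.get("Source") == CGROUP_PATH for m in mounts):
        findings.append("host /sys/fs/cgroup is not mounted")
    elif any(m.get("RW") for m in mounts):
        findings.append("/sys/fs/cgroup is mounted read-write, expected :ro")
    return findings


def audit(inspect_json):
    """Map container Id -> findings for `docker inspect` JSON (a list)."""
    return {c.get("Id", "?"): check_container(c) for c in json.loads(inspect_json)}


if __name__ == "__main__":
    for cid, findings in audit(SAMPLE_INSPECT).items():
        print(cid, "OK" if not findings else "; ".join(findings))
```

To check a real container, pass the output of `docker inspect <container-id>` to `audit()` in place of the constructed sample.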