Docker containers as Linux services?
I just created a secure Docker Registry and ran it on a remote VM (using
docker run ...). I then ran
docker ps and saw that it is in fact running. I exited the machine and then SSHed back in. Again, I ran
docker ps and verified it “survived” me exiting the SSH session.
This has me wondering: do Docker containers actually run as Linux services? If not, is there any way of getting them to run as traditional (
systemd-based) services? Is there even any reason/merit to do so?
One Solution collect form web for “Docker containers as Linux services?”
The docker engine runs as a daemon.
That is mentioned in “Host integration”:
As of Docker 1.2, restart policies are the built-in Docker mechanism for restarting containers when they exit. If set, restart policies will be used when the Docker daemon starts up, as typically happens after a system boot. Restart policies will ensure that linked containers are started in the correct order.
If restart policies don’t suit your needs (i.e., you have non-Docker processes that depend on Docker containers), you can use a process manager like
That involves (when a container runs with some options) some security fraught, by the way: see issue 14767 and issue 6401:
The container (with
--net hostoption) is the host when it comes to the network stack so any services running on the host are accessible to the container. It just so happens that you communicate to upstart ( and others ) this way.
This feature is a runtime only option, just like the
--privilegedflag, therefore an image cannot request this, it must be explicitly set at runtime.