
damp-dog-95269

06/14/2022, 3:03 PM
Hey folks, I recently changed my laptop to a Mac with an M1 chip (from Intel) and replaced Docker Desktop with Rancher Desktop. All good, but one thing keeps annoying me: I can't run `systemd`-powered containers properly anymore for some reason. I'm not sure whether it's because of the Docker version itself, or because of the change of Desktop. To make it clearer, I used footloose, a small CLI tool to create so-called VM-like containers where the `sshd` process will be turned on by `systemd` within the container so that I can SSH into it by its simple wrapper command, like:
```
footloose ssh ubuntu-0 -c ubuntu18.04-1-arm64.yaml
```
But it fails now, as I found that the `sshd` process was not running there like it should. The Dockerfile I used to build the Mac M1 image is:
```dockerfile
FROM arm64v8/ubuntu:18.04

ENV container docker

# Don't start any optional services except for the few we need.
RUN find /etc/systemd/system \
    /lib/systemd/system \
    -path '*.wants/*' \
    -not -name '*journald*' \
    -not -name '*systemd-tmpfiles*' \
    -not -name '*systemd-user-sessions*' \
    -exec rm \{} \;

RUN apt-get update && \
    apt-get install -y \
    dbus systemd openssh-server net-tools iproute2 iputils-ping curl wget vim-tiny sudo && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

RUN >/etc/machine-id
RUN >/var/lib/dbus/machine-id

EXPOSE 22

RUN systemctl set-default multi-user.target
RUN systemctl mask \
      dev-hugepages.mount \
      sys-fs-fuse-connections.mount \
      systemd-update-utmp.service \
      systemd-tmpfiles-setup.service \
      console-getty.service
RUN systemctl disable \
      networkd-dispatcher.service

# This container image doesn't have locales installed. Disable forwarding the
# user locale env variables or we get warnings such as:
#  bash: warning: setlocale: LC_ALL: cannot change locale
RUN sed -i -e 's/^AcceptEnv LANG LC_\*$/#AcceptEnv LANG LC_*/' /etc/ssh/sshd_config

# <https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/>
STOPSIGNAL SIGRTMIN+3

CMD ["/bin/bash"]
```
So some guesses here: 1. It's because of the `Docker` version, for potential `cgroup`-related issues; 2. It's because of the OS used in the VM powered by Rancher Desktop, which is:
```
$ uname -a
Linux lima-rancher-desktop 5.15.32-0-virt #1-Alpine SMP Mon, 28 Mar 2022 13:09:00 +0000 aarch64 Linux
```
Kindly advise. Thanks!
Well, after a bit more testing, I found that it's `cgroups` related: as long as I start it up without an explicit bind mount of
```
-v /sys/fs/cgroup:/sys/fs/cgroup:ro
```
then it works. So I may need to dive deeper into this to check whether it has some `cgroups` version compatibility related issues.
So it's not an issue around Docker or RD.