Nomad: Passing --init to docker run

Created on 17 Jun 2017 · 11Comments · Source: hashicorp/nomad

As of Docker 1.13, tini is part of docker engine. All you got to do it pass --init to docker run.

I think this would be very useful to support in Nomad, especially because it’s a common trap many people walk into (I’d even argue to make it default eventually).

Any chance of adding it? I understand you’re using the API and the bindings for that option might be missing?

stagneeds-discussion themdrivedocker typenhancement

Source

hynek

👍9

Most helpful comment

Looks like https://docs.docker.com/engine/api/v1.39/#operation/ContainerCreate indicates this is passable as part of the API now in recent docker engines.

nathanhruby on 8 Nov 2018

👍3 🎉2

All 11 comments

@hynek Would love a PR for this!

dadgar on 20 Jun 2017

So I did some research, because I just couldn’t find the --init option in any API offered.

But then I found a clue in https://docs.docker.com/engine/reference/run/

The default init process used is the first docker-init executable found in the system path of the Docker daemon process. This docker-init binary, included in the default installation, is backed by tini.

With some experimenting I found out that docker run --init will simply copy docker-init to /dev/init and use it to run the entrypoint.

Do you have any guidance on whether/how this could be implemented in Nomad?

hynek on 1 Jul 2017

Wouldn't it make sense to be able to pass an array of custom docker run args instead of implementing every single one? similar to arsg[] for command.

ThomasLohner on 26 Aug 2017

redacted brain fart

hynek on 28 Aug 2017

Wait no never mind I got confused for a minute. The "problem" is that nomad never passes any CLI args to docker, it uses its API. And certain args sadly aren't exposed by the API. --init being one of them.

hynek on 28 Aug 2017

I understand, in that case there's no other choice than implementing all the stuff.

ThomasLohner on 29 Aug 2017

Looks like https://docs.docker.com/engine/api/v1.39/#operation/ContainerCreate indicates this is passable as part of the API now in recent docker engines.

nathanhruby on 8 Nov 2018

👍3 🎉2

Any word on adding support for this? Because node.js requires this flag to properly handle external signals, we're running into it as a limitation.

Reference: https://github.com/nodejs/docker-node/blob/master/docs/BestPractices.md#handling-kernel-signals

mlehner616 on 25 Apr 2019

FWIW, until it gets fixed, it's quite easy to simulate.

You just add something like this to your base images:

# Add Tini
ENV TINI_VERSION v0.18.0
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
RUN chmod +x /tini
ENTRYPOINT ["/tini", "--"]

# Run your program under Tini
CMD ["/your/program", "-and", "-its", "arguments"]
# or docker run your-image /your/program ...

See https://github.com/krallin/tini

hynek on 27 Apr 2019

👍1

To add to @hynek's comment.

If you use Alpine Linux (latest stable 3.9) as your base image you get tini plus a static linked variant tini-static in the official repositories. You also have dumb-init, another minimal init system for containers.