Using systemd in docker


It is convenient to be able to use systemd when a software depends on it to run. It does not work out of the box though. @pilou ilou suggested the following, based on a blog post, within molecule:

   # See
  - name: molecule_test_instance
    image: ${BASE_IMAGE:-debian:stretch}
    command: /sbin/init
    security_opts: ['seccomp=unconfined']
    # seccomp profile is available here:
    tmpfs: ['/tmp', '/run', '/run/lock']
    volumes: ['/sys/fs/cgroup:/sys/fs/cgroup:ro']
      container: docker

Which is equivalent to the following CLI, more or less docker run -it -e container=docker --security-opt seccomp=unconfined --stop-signal=SIGRTMIN+3 --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro debian_with_systemd /sbin/init

To install systemd in the Dockerfile:

RUN if [ $(command -v apt-get) ]; then \
         apt-get install -y systemd-sysv \
         && apt-get clean && rm -rf /var/lib/apt/lists/* ; \



The author of the certbot role uses a similar technique in the debian9 image he uses for molecule tests.


Main difference: author of certbot use privileged container.