> That indicates that the systemd or apache inside the container do not
> correctly make use of the socket passed into them. You need to
> make sure that inside the container you have pretty much the same
> .socket unit running as on the host. The ListenStream lines must be
> identical, so that systemd inside the container recognizes the sockets
> passed in from the host as the ones to use for apache. The only
> difference for the socket units is that on the host they should
> activate the container, in the container they should activate apache.
> ...
> Well, because the socket wasn't passed on right the connection on it
> will still be queued after the container exits again. systemd will
> thus immediately spawn the container again. 
> 
> Basically, if you fix your issue #1, your issue #3 will be magically
> fixed too.

Now I understand the mechanism, at least I think so.

Unfortunately I have apache 2.4.x . I tried to apply the patches
Christian Seiler mentioned, but I was unable to build the package. I
think I have to wait a little bit longer in order to make it work.

Anyway, I tried to reproduce the ssh example (it can be found here:
http://0pointer.net/blog/projects/socket-activated-containers.html)
just for testing purposes, and I don't experience the rebooting issue
anymore, but there's another thing:

morfik:~$ ssh -p 23 192.168.10.10
^C
morfik:~$ ssh -p 23 192.168.10.10
ssh: connect to host 192.168.10.10 port 23: Connection refused

The container started when I had tried to connect for the first
time, but I couldn't connect to this port after that, and I have no
idea why. I tried to figure out what went wrong, but I failed.

# machinectl status debian-tree -l --no-pager
debian-tree
           Since: Thu 2015-02-05 00:21:41 CET; 1min 16s ago
          Leader: 103953 (systemd)
         Service: nspawn; class container
            Root: /media/Kabi/debian-tree
         Address: 192.168.10.10
                  fe80::1474:8dff:fe79:6b44
              OS: Debian GNU/Linux 8 (jessie)
            Unit: machine-debian\x2dtree.scope
                  ├─103953 /lib/systemd/systemd 3
                  └─system.slice
                    ├─dbus.service
                    │ └─104069 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
                    ├─cron.service
                    │ └─104043 /usr/sbin/cron -f
                    ├─apache2.service
                    │ ├─104481 /usr/sbin/apache2 -k start
                    │ ├─104485 /usr/sbin/apache2 -k start
                    │ ├─104511 /usr/sbin/apache2 -k start
                    │ ├─104512 /usr/sbin/apache2 -k start
                    │ ├─104513 /usr/sbin/apache2 -k start
                    │ ├─104515 /usr/sbin/apache2 -k start
                    │ └─104516 /usr/sbin/apache2 -k start
                    ├─system-sshd.slice
                    │ └─sshd@0-192.168.10.10:23-192.168.10.10:51767.service
                    │   ├─104041 sshd: [accepted]
                    │   └─104042 sshd: [net]
                    ├─systemd-journald.service
                    │ └─103975 /lib/systemd/systemd-journald
                    ├─systemd-logind.service
                    │ └─104046 /lib/systemd/systemd-logind
                    ├─mysql.service
                    │ ├─104090 /bin/sh /usr/bin/mysqld_safe
                    │ └─104453 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-error=/var/log/mysql/error.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=4444
                    ├─console-getty.service
                    │ └─104208 /sbin/agetty --noclear --keep-baud console 115200 38400 9600 vt102
                    └─rsyslog.service
                      └─104088 /usr/sbin/rsyslogd -n

Then I logged into the container:

root:~# machinectl login debian-tree
...
root@www:/home/morfik# netstat -tupan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.10.10:4444      0.0.0.0:*               LISTEN      483/mysqld
tcp6       0      0 :::80                   :::*                    LISTEN      511/apache2
tcp6       0      0 :::22                   :::*                    LISTEN      1/systemd
tcp6       0      0 :::443                  :::*                    LISTEN      511/apache2

Nothing listens on the port 23, why?

Still inside of the container:

root@www:/home/morfik#  tree /etc/systemd/system
/etc/systemd/system
|-- getty.target.wants
|   `-- getty@tty1.service -> /lib/systemd/system/getty@.service
|-- multi-user.target.wants
|   |-- cron.service -> /lib/systemd/system/cron.service
|   |-- remote-fs.target -> /lib/systemd/system/remote-fs.target
|   `-- rsyslog.service -> /lib/systemd/system/rsyslog.service
|-- sockets.target.wants
|   |-- ssh.socket -> /lib/systemd/system/ssh.socket
|   `-- sshd.socket -> /etc/systemd/system/sshd.socket
|-- sshd.socket
|-- sshd@.service
`-- syslog.service -> /lib/systemd/system/rsyslog.service

3 directories, 9 files

root@www:/home/morfik# cat /etc/systemd/system/sshd.socket
[Unit]
Description=SSH Socket for Per-Connection Servers

[Socket]
ListenStream=192.168.10.10:23
Accept=yes

[Install]
WantedBy=sockets.target

root@www:/home/morfik# cat /etc/systemd/system/sshd@.service
[Unit]
Description=SSH Per-Connection Server for %I

[Service]
ExecStart=-/usr/sbin/sshd -i
StandardInput=socket

root@www:/home/morfik# systemctl status sshd.socket
● sshd.socket - SSH Socket for Per-Connection Servers
   Loaded: loaded (/etc/systemd/system/sshd.socket; enabled)
   Active: active (listening) since Wed 2015-02-04 23:21:41 UTC; 9min ago
   Listen: 192.168.10.10:23 (Stream)
 Accepted: 1; Connected: 0

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.

So it accepted one connection, started the container, and
something went wrong, even though it says that everything is ok.
I don't know why the journal warning shows up, it always appears 
after starting the container.

Anyway, I tried to restart it:

root@www:/home/morfik# systemctl restart sshd.socket
root@www:/home/morfik# systemctl status sshd.socket
● sshd.socket - SSH Socket for Per-Connection Servers
   Loaded: loaded (/etc/systemd/system/sshd.socket; enabled)
   Active: active (listening) since Wed 2015-02-04 23:32:36 UTC; 1s ago
   Listen: 192.168.10.10:23 (Stream)
 Accepted: 1; Connected: 0

Feb 04 23:32:36 www systemd[1]: Stopping SSH Socket for Per-Connection Servers.
Feb 04 23:32:36 www systemd[1]: Starting SSH Socket for Per-Connection Servers.
Feb 04 23:32:36 www systemd[1]: Listening on SSH Socket for Per-Connection Servers.

and:

root@www:/home/morfik# netstat -tupan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.10.10:23        0.0.0.0:*               LISTEN      1/systemd
tcp        0      0 192.168.10.10:4444      0.0.0.0:*               LISTEN      483/mysqld
tcp6       0      0 :::80                   :::*                    LISTEN      511/apache2
tcp6       0      0 :::22                   :::*                    LISTEN      1/systemd
tcp6       0      0 :::443                  :::*                    LISTEN      511/apache2

So now it works, and I can connect via ssh -p 23 192.168.10.10 from the host,
and after doing so:

root@www:/home/morfik# systemctl status sshd.socket
● sshd.socket - SSH Socket for Per-Connection Servers
   Loaded: loaded (/etc/systemd/system/sshd.socket; enabled)
   Active: active (listening) since Wed 2015-02-04 23:32:36 UTC; 1min 52s ago
   Listen: 192.168.10.10:23 (Stream)
 Accepted: 2; Connected: 1

Feb 04 23:32:36 www systemd[1]: Stopping SSH Socket for Per-Connection Servers.
Feb 04 23:32:36 www systemd[1]: Starting SSH Socket for Per-Connection Servers.
Feb 04 23:32:36 www systemd[1]: Listening on SSH Socket for Per-Connection Servers.

The socket is linked, but apparently it doesn't start at boot. Any idea?


_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
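
One way to run the check from the quoted advice (the ListenStream lines of the host unit and the container unit must be identical), as an added example that is not part of the original message or of systemd. The container unit is the sshd.socket shown in the message; the host unit text and the function names are constructed for illustration, and the comparison is on the literal strings only.

```python
def listen_streams(unit_text):
    """Return the ListenStream= values from the [Socket] section, in order."""
    section, values = None, []
    for raw in unit_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if section == "Socket" and sep and key.strip() == "ListenStream":
            value = value.strip()
            if value:
                values.append(value)
            else:
                values.clear()               # empty assignment resets the list
    return values


def compare(host_text, container_text):
    """Report ListenStream= values present on one side but not the other."""
    host, cont = listen_streams(host_text), listen_streams(container_text)
    return {
        "match": set(host) == set(cont),
        "host_only": [v for v in host if v not in cont],
        "container_only": [v for v in cont if v not in host],
    }


# Constructed sample: NOT the poster's host unit, which the message does not show.
HOST_UNIT = """\
[Unit]
Description=Socket that activates the container (constructed sample)

[Socket]
ListenStream=23
"""

# The container's sshd.socket as quoted in the message.
CONTAINER_UNIT = """\
[Unit]
Description=SSH Socket for Per-Connection Servers

[Socket]
ListenStream=192.168.10.10:23
Accept=yes

[Install]
WantedBy=sockets.target
"""

if __name__ == "__main__":
    print(compare(HOST_UNIT, CONTAINER_UNIT))
```
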