Containerizing open-vm-tools – Part 2: Atomic CLI and Converting to a Systems Container
The content of the previous post discussed creating the open-vm-tools container’s Dockerfile and automating its started up via systemd with a unit file.
Open-vm-tools as a service might need to start before the docker runtime or even the network stack, this leads us to runc and system containers. If you’ve finished the first article you have a running open-vm-tools Docker container.
docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5428906cd366 open-vm-tools "/bin/sh -c /usr/bin/" 13 seconds ago Up 7 seconds admiring_easley
Once you have a local running Docker container, you can import that container into a system container utilizing the atomic CLI. Alternatively, you can install the full container from a registry like; registry.access.redhat.com.
atomic pull --storage=ostree docker:open-vm-tools atomic install --system open-vm-tools systemctl start open-vm-tools # This will pull the container from a registry atomic pull --storage ostree registry.access.redhat.com/rhel7/open-vm-tools atomic install --system registry.access.redhat.com/rhel7/open-vm-tools systemctl start open-vm-tools
This process creates a root filesystem under /var/lib/containers/atomic/open-vm-tools for the container’s use. The atomic command additionally creates the systemd unit file and enables the service for subsequent restarts.
runc list ID PID STATUS BUNDLE CREATED open-vm-tools 725 running /var/lib/containers/atomic/open-vm-tools.0 2017-05-22T16:18:45.054839866Z cat /etc/systemd/system/open-vm-tools.service [Unit] Description=Service for virtual machines hosted on VMware Documentation=http://github.com/vmware/open-vm-tools ConditionVirtualization=vmware [Service] ExecStart=/bin/runc --systemd-cgroup run 'open-vm-tools' ExecStop=/bin/runc --systemd-cgroup kill 'open-vm-tools' WorkingDirectory=/var/lib/containers/atomic/open-vm-tools.0 [Install] WantedBy=multi-user.target
The open-vm-t0ols vmware-toolbox can be accessed via a runc exec or docker exec as well. Create a wrapper with the command below. This allows vmware-toolbox-cmd and other open-vm-tools commands run from the atomic host without the need to exec into the running container. If you
# runc system container wrapper echo 'runc exec -t open-vm-tools vmware-toolbox-cmd "$@"' > /usr/local/bin/vmware-toolbox-cmd chmod +x/usr/local/bin/vmware-toolbox-cmd # or Docker container echo 'docker exec -t open-vm-tools vmware-toolbox-cmd "$@"' > /usr/local/bin/vmware-toolbox-cmd chmod +x/usr/local/bin/vmware-toolbox-cmd vmware-toolbox-cmd --version 10.0.5.52125 (build-3227872)
The concludes the second part of the containerizing open-vm-tools guide. Installing open-vm-tools as a container in atomic will extend its manageability and functionality on a VMware platform.