Disable service networking (`init.d/networking`)

Question

Disable service networking (`init.d/networking`)

Closed this issue 9 years ago · 3 comments

Docker manages the networking interfaces itself, so /etc/init.d/networking just takes time to run, when systemd is used as the process supervisor within the container.

# systemd-analyze blame
WARNING: terminal is not fully functional
           191ms getty@tty1.service
           122ms nginx.service
            57ms networking.service
            20ms systemd-udev-trigger.service
            10ms systemd-journal-flush.service
             8ms systemd-logind.service
             8ms rc-local.service
             7ms systemd-tmpfiles-setup-dev.service
             7ms rsyslog.service
             7ms systemd-update-utmp.service
             4ms systemd-tmpfiles-clean.service
             3ms systemd-tmpfiles-setup.service
             3ms dev-hugepages.mount
             2ms sys-kernel-debug.mount
             2ms systemd-udevd.service
             2ms systemd-user-sessions.service
             2ms systemd-remount-fs.service
             1ms systemd-setup-dgram-qlen.service
             1ms systemd-update-utmp-runlevel.service
             1ms systemd-modules-load.service
             1ms systemd-random-seed.service
             1ms systemd-sysctl.service
           980us sys-fs-fuse-connections.mount
           867us udev-finish.service

An unprivileged Docker(?) container doesn’t even have the capabilities to do networking stuff.

# systemctl status systemd-networkd
● systemd-networkd.service - Network Service
   Loaded: loaded (/lib/systemd/system/systemd-networkd.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
Condition: start condition failed at Sun 2015-07-26 12:27:11 UTC; 15s ago
           ConditionCapability=CAP_NET_ADMIN was not met
     Docs: man:systemd-networkd.service(8)

Jul 26 12:27:11 haproxy systemd[1]: Started Network Service.

So removing that file or running update-rc.d networking remove (or systemctl disable networking) might be useful.

Answer 1 · 2015-08-20T15:26:02.000Z

Hi, thanks for the report. I have no experience of running system as a process manager within a container, although it was on my list of things to take a look at. I am a little surprised that you would choose to do so with systemd's built in services/system mode, however, rather than using a specific set of services or user mode to manage your container's processes.

I'd be interested to hear more about the use-case where you would run it in system mode. On the other hand, disabling the network service is benign for other use cases, so I'll look into doing it anyway.

Answer 2 · 2016-04-19T21:14:34.000Z

I'm going to close this as I think that you probably want(ed) systemd in user mode anyway, but please re-open if you disagree.

Answer 3 · 2016-04-20T06:39:19.000Z

Could you please elaborate on the systemd user mode? I don’t know what you mean with that. I definitely want to use systemd as the process manager in the container.