Podman,Docker: --init option

Definition

This option allows you to run a small init system in the container in order to get rid of zombie processes. Let me remind you that in the container, by default, the parent process is not systemd/init, but the value from ENTRYPOINT/CMD

Where to use? For example, in Ansible Execution-Environment — a container for running a playbook or task in AWX, when starting this container there is a high probability that during the execution of the playbook a bunch of zombie processes will appear and as a result a fork error may appear with the playbook/task stopping (see the picture related)

• https://github.com/ansible/ansible/issues/49270
• https://github.com/operator-framework/operator-sdk/issues/1551

Docker

Docker uses tini:

sudo apt install tini

docker run -it --init busybox sh
/ # ps
PID   USER     TIME  COMMAND
    1 root      0:00 /sbin/docker-init -- sh
    7 root      0:00 sh
    9 root      0:00 ps
/ # exit

Podman

Podman uses catatonit, but also has a --init-path option to specify the path to a different init system:

sudo apt install catatonit

podman run -it --init busybox sh
/ # ps
PID   USER     TIME  COMMAND
    1 root      0:00 /run/podman-init -- sh
    7 root      0:00 sh
    8 root      0:00 ps
/ # exit

# You can run it with tini instead of catatonit
podman run -it --init --init-path /usr/bin/tini busybox sh

Entrypoint

In fact, --init simply substitutes the init system binary into the ENTRYPOINT instruction (at the very beginning), for adding to the image via Dockerfile/Containerfile:

FROM busybox:latest

ENTRYPOINT ["/usr/bin/tini"]