mirror of
https://github.com/containers/podman.git
synced 2025-07-14 10:09:13 +08:00
generate systemd: use --cidfile again
Commit 9ac5267 changed the type of the generated systemd units from `forking` to `notify`. It further stopped using `--cidfile` and instead intended systemd to take care of stopping the container, which turned out to be a bad idea. Systemd will send the stop/kill signals to conmon which in turn may exit non-zero, depending on the signal, and ultimately breaking container cleanup. Hence, we need to use --cidfile again and let podman stop and remove the container to make sure that everything's in order. Fixes: #11304 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
This commit is contained in:
pkg/systemd/generate
test/system
@ -71,11 +71,12 @@ func filterCommonContainerFlags(command []string, argCount int) []string {
|
||||
case s == "--rm":
|
||||
// Boolean flags support --flag and --flag={true,false}.
|
||||
continue
|
||||
case s == "--sdnotify", s == "--cgroups":
|
||||
case s == "--sdnotify", s == "--cgroups", s == "--cidfile":
|
||||
i++
|
||||
continue
|
||||
case strings.HasPrefix(s, "--rm="),
|
||||
strings.HasPrefix(s, "--cgroups="):
|
||||
strings.HasPrefix(s, "--cgroups="),
|
||||
strings.HasPrefix(s, "--cidfile="):
|
||||
continue
|
||||
}
|
||||
processed = append(processed, s)
|
||||
|
@ -103,12 +103,12 @@ func TestFilterCommonContainerFlags(t *testing.T) {
|
||||
},
|
||||
{
|
||||
[]string{"podman", "run", "--cidfile", "foo", "alpine"},
|
||||
[]string{"podman", "run", "--cidfile", "foo", "alpine"},
|
||||
[]string{"podman", "run", "alpine"},
|
||||
1,
|
||||
},
|
||||
{
|
||||
[]string{"podman", "run", "--cidfile=foo", "alpine"},
|
||||
[]string{"podman", "run", "--cidfile=foo", "alpine"},
|
||||
[]string{"podman", "run", "alpine"},
|
||||
1,
|
||||
},
|
||||
{
|
||||
|
@ -233,9 +233,10 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst
|
||||
info.Type = "notify"
|
||||
info.NotifyAccess = "all"
|
||||
info.PIDFile = ""
|
||||
info.ContainerIDFile = ""
|
||||
info.ExecStop = ""
|
||||
info.ExecStopPost = ""
|
||||
info.ContainerIDFile = "%t/%n.ctr-id"
|
||||
info.ExecStartPre = "/bin/rm -f {{{{.ContainerIDFile}}}}"
|
||||
info.ExecStop = "{{{{.Executable}}}} stop --ignore --cidfile={{{{.ContainerIDFile}}}}"
|
||||
info.ExecStopPost = "{{{{.Executable}}}} rm -f --ignore --cidfile={{{{.ContainerIDFile}}}}"
|
||||
// The create command must at least have three arguments:
|
||||
// /usr/bin/podman run $IMAGE
|
||||
index := 0
|
||||
@ -258,6 +259,7 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst
|
||||
}
|
||||
startCommand = append(startCommand,
|
||||
"run",
|
||||
"--cidfile={{{{.ContainerIDFile}}}}",
|
||||
"--cgroups=no-conmon",
|
||||
"--rm",
|
||||
)
|
||||
|
@ -130,7 +130,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman container run --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN "foo=arg \"with \" space"
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman container run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN "foo=arg \"with \" space"
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -152,7 +155,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman container run --cgroups=no-conmon --rm -d --replace --sdnotify=container --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN "foo=arg \"with \" space"
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman container run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm -d --replace --sdnotify=container --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN "foo=arg \"with \" space"
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -174,7 +180,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon --replace -d --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace -d --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -196,7 +205,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --pod-id-file %t/pod-foobar.pod-id-file --sdnotify=conmon --replace -d --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --pod-id-file %t/pod-foobar.pod-id-file --sdnotify=conmon --replace -d --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -218,7 +230,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon --replace --detach --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon --replace --detach --name jadda-jadda --hostname hello-world awesome-image:latest command arg1 ... argN
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -240,7 +255,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -263,9 +281,12 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=102
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon ` +
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon ` +
|
||||
detachparam +
|
||||
` awesome-image:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -289,7 +310,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=102
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test -p 80:80 awesome-image:latest somecmd --detach=false
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test -p 80:80 awesome-image:latest somecmd --detach=false
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -311,7 +335,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=102
|
||||
ExecStart=/usr/bin/podman --events-backend none --runroot /root run --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman --events-backend none --runroot /root run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -333,7 +360,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman container run --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman container run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d awesome-image:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -355,7 +385,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test --log-driver=journald --log-opt=tag={{.Name}} awesome-image:latest
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test --log-driver=journald --log-opt=tag={{.Name}} awesome-image:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -377,7 +410,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test awesome-image:latest sh -c "kill $$$$ && echo %%\\"
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --replace --name test awesome-image:latest sh -c "kill $$$$ && echo %%\\"
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -399,7 +435,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon -d --conmon-pidfile=foo --cidfile=foo awesome-image:latest podman run --cgroups=foo --conmon-pidfile=foo --cidfile=foo alpine
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --conmon-pidfile=foo awesome-image:latest podman run --cgroups=foo --conmon-pidfile=foo --cidfile=foo alpine
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -421,7 +460,10 @@ RequiresMountsFor=/var/run/containers/storage
|
||||
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --pod-id-file %t/pod-foobar.pod-id-file --sdnotify=conmon -d --conmon-pidfile=foo --cidfile=foo awesome-image:latest podman run --cgroups=foo --conmon-pidfile=foo --cidfile=foo --pod-id-file /tmp/pod-foobar.pod-id-file alpine
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --pod-id-file %t/pod-foobar.pod-id-file --sdnotify=conmon -d --conmon-pidfile=foo awesome-image:latest podman run --cgroups=foo --conmon-pidfile=foo --cidfile=foo --pod-id-file /tmp/pod-foobar.pod-id-file alpine
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
@ -444,7 +486,10 @@ Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||
Environment=FOO=abc "BAR=my test" USER=%%a
|
||||
Restart=always
|
||||
TimeoutStopSec=70
|
||||
ExecStart=/usr/bin/podman run --cgroups=no-conmon --rm --sdnotify=conmon -d --env FOO --env=BAR --env=MYENV=2 -e USER awesome-image:latest
|
||||
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
||||
ExecStart=/usr/bin/podman run --cidfile=%t/%n.ctr-id --cgroups=no-conmon --rm --sdnotify=conmon -d --env FOO --env=BAR --env=MYENV=2 -e USER awesome-image:latest
|
||||
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
||||
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
||||
Type=notify
|
||||
NotifyAccess=all
|
||||
|
||||
|
@ -46,11 +46,20 @@ function service_setup() {
|
||||
|
||||
# Helper to stop a systemd service running a container
|
||||
function service_cleanup() {
|
||||
local status=$1
|
||||
run systemctl stop "$SERVICE_NAME"
|
||||
if [ $status -ne 0 ]; then
|
||||
die "Error stopping systemd unit $SERVICE_NAME, output: $output"
|
||||
fi
|
||||
|
||||
if [[ -z "$status" ]]; then
|
||||
run systemctl is-active "$SERVICE_NAME"
|
||||
if [ $status -ne 0 ]; then
|
||||
die "Error checking stauts of systemd unit $SERVICE_NAME, output: $output"
|
||||
fi
|
||||
is "$output" "$status" "$SERVICE_NAME not in expected state"
|
||||
fi
|
||||
|
||||
rm -f "$UNIT_FILE"
|
||||
systemctl daemon-reload
|
||||
}
|
||||
@ -60,7 +69,8 @@ function service_cleanup() {
|
||||
@test "podman generate - systemd - basic" {
|
||||
cname=$(random_string)
|
||||
# See #7407 for --pull=always.
|
||||
run_podman create --pull=always --name $cname --label "io.containers.autoupdate=registry" $IMAGE top
|
||||
run_podman create --pull=always --name $cname --label "io.containers.autoupdate=registry" $IMAGE \
|
||||
sh -c "trap 'echo Received SIGTERM, finishing; exit' SIGTERM; echo WAITING; while :; do sleep 0.1; done"
|
||||
|
||||
# Start systemd service to run this container
|
||||
service_setup
|
||||
@ -68,7 +78,7 @@ function service_cleanup() {
|
||||
# Give container time to start; make sure output looks top-like
|
||||
sleep 2
|
||||
run_podman logs $cname
|
||||
is "$output" ".*Load average:.*" "running container 'top'-like output"
|
||||
is "$output" ".*WAITING.*" "running is waiting for signal"
|
||||
|
||||
# Exercise `podman auto-update`.
|
||||
# TODO: this will at least run auto-update code but won't perform an update
|
||||
@ -77,7 +87,8 @@ function service_cleanup() {
|
||||
run_podman auto-update
|
||||
|
||||
# All good. Stop service, clean up.
|
||||
service_cleanup
|
||||
# Also make sure the service is in the `inactive` state (see #11304).
|
||||
service_cleanup inactive
|
||||
}
|
||||
|
||||
@test "podman autoupdate local" {
|
||||
|
Reference in New Issue
Block a user