containers
/
automation-tests
mirror of https://github.com/containers/automation-tests.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

libpod: improve check to create conmon cgroup 

commit 1951ff168a introduced a check so
that conmon is not moved to a new cgroup when podman is running inside
of a systemd service.  This is helpful to integrate podman in systemd
so that the spawned conmon lives in the same cgroup as the service
that created it.

Unfortunately this breaks when podman daemon is running in a systemd
service since the same check is in place thus all the conmon processes
end up in the same cgroup as the podman daemon.  When the podman
daemon systemd service stops the conmon processes are also terminated
as well as the containers they monitor.

Improve the check to exclude podman running as a daemon.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2052697

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2022-06-15 10:46:12 +02:00
parent 576c739e5f
commit 751ba07a76
No known key found for this signature in database
GPG Key ID: 67E38F7A8BA21772
3 changed files with 30 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libpod/oci_conmon_linux.go
View File

@ -1435,7 +1435,7 @@ func (r *ConmonOCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec
}
// $INVOCATION_ID is set by systemd when running as a service.
if os.Getenv("INVOCATION_ID") != "" {
if ctr.runtime.RemoteURI() == "" && os.Getenv("INVOCATION_ID") != "" {
mustCreateCgroup = false
}

25
test/system/250-systemd.bats
View File

@ -362,4 +362,29 @@ EOF
run_podman 1 pod exists test_pod
}
@test "podman-system-service containers survive service stop" {
skip_if_remote "N/A under podman-remote"
SERVICE_NAME=podman-service-$(random_string)
port=$(random_free_port)
URL=tcp://127.0.0.1:$port
systemd-run --unit=$SERVICE_NAME $PODMAN system service $URL --time=0
wait_for_port 127.0.0.1 $port
# Start a long-running container.
cname=keeps-running
run_podman --url $URL run -d --name $cname $IMAGE top -d 2
run_podman container inspect -l --format "{{.State.Running}}"
is "$output" "true" "This should never fail"
systemctl stop $SERVICE_NAME
run_podman container inspect $cname --format "{{.State.Running}}"
is "$output" "true" "Container is still running after podman server stops"
run_podman rm -f -t 0 $cname
}
# vim: filetype=sh

4
test/system/helpers.systemd.bash
View File

@ -28,3 +28,7 @@ systemctl() {
journalctl() {
command journalctl $_DASHUSER "$@"
}
systemd-run() {
command systemd-run $_DASHUSER "$@";
}