summaryrefslogtreecommitdiff
path: root/libpod/container_graph.go
diff options
context:
space:
mode:
authorChris Evich <cevich@redhat.com>2019-09-11 15:51:15 -0400
committerChris Evich <cevich@redhat.com>2019-09-12 11:21:20 -0400
commit9be2a6f908ee80c7410cb0c3121359d87f366f28 (patch)
treed4cc44a795b60fa5667817f754ea49a33ffc0c12 /libpod/container_graph.go
parentafa3d11381eb23820c653c44d3d249041bc6a833 (diff)
downloadpodman-9be2a6f908ee80c7410cb0c3121359d87f366f28.tar.gz
podman-9be2a6f908ee80c7410cb0c3121359d87f366f28.tar.bz2
podman-9be2a6f908ee80c7410cb0c3121359d87f366f28.zip
Prevent podman varlink socket fight
When enabled, it's desired for the podman-varlink process to startup on boot or upon socket-activation, whichever happens first. However, with `KillMode=none` systemd will never kill any podman-varlink processes. This makes it easily possible for multiple podman-varlink processes to be running, and fight each other to service a single socket. --- For example: Prior to this commit, this will result in four podman-varlink processes being run: ``` systemctl enable io.podman.socket systemctl enable io.podman.service systemctl start io.podman.socket systemctl start io.podman.service systemctl start io.podman.service ``` Fix this by setting `KillMode=process` and `TimeoutStopSec=30` (default is 90). This results in podman-varlink exiting on its own after a minute of being idle (--timeout=60000). Alternatively, systemd will manage the service stop by sending a SIGTERM, then if podman-varlink has not exited within `TimeoutStopSec`, a SIGKILL will be sent. Signed-off-by: Chris Evich <cevich@redhat.com>
Diffstat (limited to 'libpod/container_graph.go')
0 files changed, 0 insertions, 0 deletions