Skip to content

Commit

Permalink
kube sdnotify: run proxies for the lifespan of the service
Browse files Browse the repository at this point in the history
As outlined in containers#16076, a subsequent BARRIER *may* follow the READY
message sent by a container.  To correctly imitate the behavior of
systemd's NOTIFY_SOCKET, the notify proxies span up by `kube play` must
hence process messages for the entirety of the workload.

We know that the workload is done and that all containers and pods have
exited when the service container exits.  Hence, all proxies are closed
at that time.

The above changes imply that Podman runs for the entirety of the
workload and will henceforth act as the MAINPID when running inside of
systemd.  Prior to this change, the service container acted as the
MAINPID which is now not possible anymore; Podman would be killed
immediately on exit of the service container and could not clean up.

The kube template now correctly transitions to in-active instead of
failed in systemd.

Fixes: containers#16076
Fixes: containers#16515
Signed-off-by: Valentin Rothberg <[email protected]>
  • Loading branch information
vrothberg committed Dec 6, 2022
1 parent 8c3af71 commit 4fa307f
Show file tree
Hide file tree
Showing 6 changed files with 211 additions and 114 deletions.
Loading

0 comments on commit 4fa307f

Please sign in to comment.