-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Container sigkill after stop timeout not logged as error #11854
Comments
Interested in opening a PR to fix? |
I agree that falling back to SIGKILL is noteworthy, but I'm not convinced that $ podman run --name foo -d alpine sleep 100
7e6c79489feac65fa34353146047214e05014c30bf4efa048b09192c29c5513c
$ podman stop --time=1 foo
foo
$ podman inspect --format '{{.State.ExitCode}}' foo
137 In an automated environment, a warning would be of limited use: nobody would see it. In an automated environment, it really is kind of important for the developer to check container exit status. When playing on the command line, I can see a "timed out" warning being mildly helpful -- but in this environment the user will (presumably) also notice the timeout delay itself. @pboguslawski in what scenario do you think this kind of warning would actually help someone? |
The issue is about using systemd unit generated with |
You could change the --log-level info command on the podman stop command to see this output. |
I don't know if this is worthy of printing by default - |
Adding
IHMO: its definitely more important message than podmans messages with
that are sent to syslog by default. Would be also nice to see similar message in syslog with for example
|
@pboguslawski thanks, that's a good point (your use case in systemd). I think your proposal is promising: the timeout really should IMHO be more important than |
Podman defaults to log-level Warn, the question would be do we raise it to Warn, so it is in everyones face when it happens. I am ok with it, but if users start to complain, then we might want to revisit it. |
If we actually do this, be prepared for the integration tests to break in a lot of places - which might not be the worst thing, considering we usually shouldn't be waiting for that timeout anyways. |
Man page says "error", which is why I was OK with raising the severity of this message.
|
Manpages are wrong, then - we swapped to Warn around 9 months ago, AFAIK. |
Note: the Warning message will not come to podman-remote. It would be difficult to plumb, and not really worth the effort. Fixes: containers#11854 Signed-off-by: Daniel J Walsh <[email protected]>
/kind bug
Description
If
podman stop
kills container after timeout, no info about timeout is logged in journal/stderr; killing container after timeout should be treated as dangerous because of data loss possibility so messagepodman/libpod/oci_conmon_linux.go
Line 438 in 800e91d
priority should be higher than info (at least warn) and systemd unit files generated with podman generate should produce such warnings to journal/syslog in case of killing container by podman with sigkill.
Using
podman stop --log-level=info
is not an option because it produces too much noise.Steps to reproduce the issue:
Run any container that need >1s to stop.
Stop it using
podman stop --time=1
Describe the results you received:
No traces in journal/syslog about container killing.
Describe the results you expected:
Journal/syslog should contain message about stop timeout and container killing with level warn (or maybe even error).
The text was updated successfully, but these errors were encountered: