Add podman run --timeout option #10119
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
cmd/podman/common/create.go
Outdated
| @@ -651,7 +651,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) { | |||
| createFlags.UintVar( | |||
| &cf.StopTimeout, | |||
| stopTimeoutFlagName, containerConfig.Engine.StopTimeout, | |||
| "Timeout (in seconds) to stop a container. Default is 10", | |||
| "Timeout (in seconds) to stop a container, when calling Podman stop. Default is 10", | |||
There was a problem hiding this comment.
Timeout (in seconds) that containers stopped by user command have to exit. If exceeded, the container will be forcibly stopped via SIGKILL.
cmd/podman/common/create.go
Outdated
| createFlags.UintVar( | ||
| &cf.Timeout, | ||
| timeoutFlagName, 0, | ||
| "Timeout (in seconds) to kill a container if it does not complete, by default container will not be stopped", |
There was a problem hiding this comment.
Instead of "by default..." - "A timeout of 0 means the container will not be automatically stopped"
There was a problem hiding this comment.
Maybe should reword the first bit, too - "Maximum length of time a container can run. They will be stopped automatically afterwards.
libpod/define/container_inspect.go
Outdated
| @@ -529,6 +533,10 @@ type InspectContainerHostConfig struct { | |||
| IOMaximumBandwidth uint64 `json:"IOMaximumBandwidth"` | |||
| // CgroupConf is the configuration for cgroup v2. | |||
| CgroupConf map[string]string `json:"CgroupConf"` | |||
| // Timeout is time before container is killed by conmon | |||
| Timeout uint `json:"Timeout"` | |||
There was a problem hiding this comment.
These should be in config or hostconfig, not both
There was a problem hiding this comment.
Oops from a previous version.
libpod/options.go
Outdated
| @@ -758,6 +758,20 @@ func WithStopTimeout(timeout uint) CtrCreateOption { | |||
| } | |||
| } | |||
|
|
|||
| // WithTimeout sets the time to after initial stop signal is sent to the | |||
There was a problem hiding this comment.
I think this is wrong - "sets the maximum time a container is allowed to run"
| @@ -83,6 +83,11 @@ type ContainerBasicConfig struct { | |||
| // instead. | |||
| // Optional. | |||
| StopTimeout *uint `json:"stop_timeout,omitempty"` | |||
| // Timeout is a maximum time in seconds the container will run before | |||
| // main process is sent SIGKILL. | |||
There was a problem hiding this comment.
So is this immediate SIGKILL, or does it use the normal stop logic (SIGTERM -> timeout -> SIGKILL)?
There was a problem hiding this comment.
We are using the conmon --timeout flag, which is defined as
-T, --timeout Kill container after specified timeout in seconds.
Which to me means the KILL signal gets sent. I don't think we should make it more complicated then this. If users want more complicated they should do it via bash.
rhatdan
force-pushed
the
timeout
branch
2 times, most recently
from
5322fdf to
2b2ed73
Compare
This option allows users to specify the maximum amount of time to run before conmon sends the kill signal to the container. Fixes: containers#6412 Signed-off-by: Daniel J Walsh <[email protected]>
| Maximimum time a container is allowed to run before conmon sends it the kill | ||
| signal. By default containers will run until they exit or are stopped by | ||
| `podman stop`. | ||
|
|
There was a problem hiding this comment.
We point at conmon here and a few other places in this and the other man pages, but we don't explain it's relationship with Podman anywhere. Not for this PR, but we should probably do so.
In the shorter term, the common(8) man page now exists. Can you add a a ptr to that and to the other manpages in here please?
|
@containers/podman-maintainers PTAL |
|
LGTM |
|
Cool, thanks a lot! |
github-actions
bot
added
the
locked - please file new issue/PR
This option allows users to specify the maximum amount of time to run
before conmon sends the kill signal to the container.
Fixes: #6412
Signed-off-by: Daniel J Walsh [email protected]