-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
user podman service leaks "pause" process, breaks API after idle timeout #7180
Comments
Working with user podman API leaves behind a `podman pause` process which is not attached to/stopped by podman.service. Avoid that leaking into the next test while the data directories get restored. See containers/podman#7180
This is actually quite serious, as it completely breaks the API on timeout:
Now let podman.service timeout, see
Now further API requests are broken: Running the same
|
Working with user podman API leaves behind a `podman pause` process which is not attached to/stopped by podman.service. This completely breaks the API: containers/podman#7180 Closes cockpit-project#473
The behaviour is rather similar to #6660 so maybe related? |
Working with user podman API leaves behind a `podman pause` process which is not attached to/stopped by podman.service. This completely breaks the API: containers/podman#7180 Closes #473
The pause process remaining behind is intentional - see discussion in #7133 Are you certain that the timeout issue is related to the pause process? |
@mheon: Yes, as soon as I kill it, I can connect again. |
Confirmed with current 2.0.4 from Fedora 32 updates-testing |
that is by design, we want it to be shared among all the podman processes for an user. Could you give a try to #7192 ? |
when there is a pause process running, let the "system service" podman instance join immediately the existing namespaces. Closes: containers#7180 Closes: containers#6660 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
when there is a pause process running, let the "system service" podman instance join immediately the existing namespaces. Closes: containers#7180 Closes: containers#6660 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
containers/podman#7180 is fixed and fixed version is present in all of our images.
containers/podman#7180 is fixed and fixed version is present in all of our images.
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
Stopping user's podman.service, or letting it time out, often leaves behind a "podman pause" process.
Steps to reproduce the issue:
Log in as user, and clean slate. There are no running containers, and service is not running:
Make an API request:
Check processes. podman.service is running:
There is also a zombie process (but that's not the main issue of this bug report):
systemctl --user status podman
Describe the results you received:
After that I expect no running podman processes any more.
Describe the results you expected:
Additional information you deem important (e.g. issue happens only occasionally):
It's not 100% reliable, sometimes the pause process does get cleaned up.
This is podman 2.0.2, as 2.0.3's API is broken (issue #7078). 2.0.2 and 2.0.3 also have a few bugs in their systemd units (most importantly,
KillMode=process
). But I already got the latest unit from master, i. e. with defaultKillMode
. This "pause" process seems to get detached from the unit somehow, even though it originally appears inside.Output of
podman version
:Output of
podman info --debug
:Package info (e.g. output of
rpm -q podman
orapt list podman
):Additional environment details (AWS, VirtualBox, physical, etc.):
The text was updated successfully, but these errors were encountered: