mirror of
https://github.com/containers/podman
synced 2024-10-20 09:13:46 +00:00
Prevent podman varlink socket fight
When enabled, it's desired for the podman-varlink process to startup on boot or upon socket-activation, whichever happens first. However, with `KillMode=none` systemd will never kill any podman-varlink processes. This makes it easily possible for multiple podman-varlink processes to be running, and fight each other to service a single socket. --- For example: Prior to this commit, this will result in four podman-varlink processes being run: ``` systemctl enable io.podman.socket systemctl enable io.podman.service systemctl start io.podman.socket systemctl start io.podman.service systemctl start io.podman.service ``` Fix this by setting `KillMode=process` and `TimeoutStopSec=30` (default is 90). This results in podman-varlink exiting on its own after a minute of being idle (--timeout=60000). Alternatively, systemd will manage the service stop by sending a SIGTERM, then if podman-varlink has not exited within `TimeoutStopSec`, a SIGKILL will be sent. Signed-off-by: Chris Evich <cevich@redhat.com>
This commit is contained in:
parent
afa3d11381
commit
9be2a6f908
|
@ -6,8 +6,9 @@ Documentation=man:podman-varlink(1)
|
|||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman
|
||||
KillMode=none
|
||||
ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman --timeout=60000
|
||||
TimeoutStopSec=30
|
||||
KillMode=process
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
|
@ -8,3 +8,4 @@ SocketMode=0600
|
|||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
||||
Also=multi-user.target
|
||||
|
|
Loading…
Reference in a new issue