nixos/nix-containers: bind container units to machined and dbus #120636
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
currently there's a race during system poweroff, between containers shutting down via machinectl and machined/dbus being stopped. if machined or dbus are stopped before the containers units can dispath their stop commands the commands fail, leaving the containers alive. systemd will ultimately kill them hard after the stop timeout, which can have unpleasant consequences.
|
looked at this a bit more due to "shutdown during startup: issues: when a container is stopped before it has reached the in-container systemd it won't shut down properly. setting |
|
investigated some more. it seems that we'll want this instead to fix both problems: diff --git a/nixos/modules/system/boot/stage-2-init.sh b/nixos/modules/system/boot/stage-2-init.sh
index 50ee0b8841e..3f87c5c920c 100644
--- a/nixos/modules/system/boot/stage-2-init.sh
+++ b/nixos/modules/system/boot/stage-2-init.sh
@@ -1,5 +1,8 @@
#! @shell@
+# Exit early if we're a container and asked to shut down.
+trap "exit 0" SIGRTMIN+3
+
systemConfig=@systemConfig@
export HOME=/root PATH="@path@"
diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix
index f15d5875841..b7074e4460f 100644
--- a/nixos/modules/virtualisation/nixos-containers.nix
+++ b/nixos/modules/virtualisation/nixos-containers.nix
@@ -35,6 +35,9 @@ let
''
#! ${pkgs.runtimeShell} -e
+ # Exit early if we're asked to shut down.
+ trap "exit 0" SIGRTMIN+3
+
# Initialise the container side of the veth pair.
if [ -n "$HOST_ADDRESS" ] || [ -n "$HOST_ADDRESS6" ] ||
[ -n "$LOCAL_ADDRESS" ] || [ -n "$LOCAL_ADDRESS6" ] ||
@@ -127,12 +130,16 @@ let
''}
# Run systemd-nspawn without startup notification (we'll
- # wait for the container systemd to signal readiness).
+ # wait for the container systemd to signal readiness)
+ # Kill signal handling means systemd-nspawn will pass a system-halt signal
+ # to the container systemd when it receives SIGTERM for container shutdown;
+ # containerInit and stage2 have to handle this as well.
exec ${config.systemd.package}/bin/systemd-nspawn \
--keep-unit \
-M "$INSTANCE" -D "$root" $extraFlags \
$EXTRA_NSPAWN_FLAGS \
--notify-ready=yes \
+ --kill-signal=SIGRTMIN+3 \
--bind-ro=/nix/store \
--bind-ro=/nix/var/nix/db \
--bind-ro=/nix/var/nix/daemon-socket \
@@ -259,13 +266,10 @@ let
Slice = "machine.slice";
Delegate = true;
- # Hack: we don't want to kill systemd-nspawn, since we call
- # "machinectl poweroff" in preStop to shut down the
- # container cleanly. But systemd requires sending a signal
- # (at least if we want remaining processes to be killed
- # after the timeout). So send an ignored signal.
+ # We rely on systemd-nspawn turning a SIGTERM to itself into a shutdown
+ # signal (SIGRTMIN+3) for the inner container.
KillMode = "mixed";
- KillSignal = "WINCH";
+ KillSignal = "TERM";
DevicePolicy = "closed";
DeviceAllow = map (d: "${d.node} ${d.modifier}") cfg.allowedDevices;
@@ -752,8 +756,6 @@ in
postStart = postStartScript dummyConfig;
- preStop = "machinectl poweroff $INSTANCE";
-
restartIfChanged = false;
serviceConfig = serviceDirectives dummyConfig;that will not eliminate the race between starting up a container and a stop job that replaces the running start job, but it makes it about as small as i can think of making it. also completely removes the need for machined or dbus during container shutdown. modifying stage2 doesn't feel quite right, but i really can't find a better way to do it. |
10 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation for this change
fix #109695 (containers don't stop properly during system shutdown). not sure whether this is the best way to do it, but can't think of something better that doesn't require moving away from machinectl commands again
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)