Disable healthcheck, missing global config option for systems without systemd #16644
Assignees
Labels
kind/bug
Categorizes issue or PR as related to a bug.
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
Comments
|
There is already a (undocumented?) Lines 302 to 305 in 5908996 However I wonder why this should be needed in the first place? IMO if there is no systemd present we should just ignore healthchecks. We could also use the |
I agree, and also like the idea of the build tag. |
|
Also relevant when running Podman under WSL2 (other then Podman's own podman-machine, which adds a separate namespace to be able to run sytemd when you normally can't). |
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Dec 5, 2022
The podman healthchecks are implemented using systemd timers, this works great but it will never work on non system distros. Currently the logic always assumes systemd is available and will fail with an error, so users are forced to always run with `--no-healthcheck` to disable healthchecks that are defined in an image for example. This is annoying and IMO unessesary, we should just default to no healthcheck on these systems. First, use the systemd build tag to disable it at build time if this tag is not used. Second, use make sure systemd is used as init before trying to use healthchecks. This could be the case when we are run in a container. [NO NEW TESTS NEEDED] We do not have any non systemd VMs in CI AFAIK. Fixes containers#16644 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Dec 5, 2022
The podman healthchecks are implemented using systemd timers, this works great but it will never work on non systemd distros. Currently the logic always assumes systemd is available and will fail with an error, so users are forced to always run with `--no-healthcheck` to disable healthchecks that are defined in an image for example. This is annoying and IMO unnecessary, we should just default to no healthcheck on these systems. First, use the systemd build tag to disable it at build time if this tag is not used. Second, use make sure systemd is used as init before trying to use healthchecks. This could be the case when we are run in a container. [NO NEW TESTS NEEDED] We do not have any non systemd VMs in CI AFAIK. Fixes containers#16644 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Luap99
added a commit
to Luap99/libpod
that referenced
this issue
Dec 5, 2022
The podman healthchecks are implemented using systemd timers, this works great but it will never work on non systemd distros. Currently the logic always assumes systemd is available and will fail with an error, so users are forced to always run with `--no-healthcheck` to disable healthchecks that are defined in an image for example. This is annoying and IMO unnecessary, we should just default to no healthcheck on these systems. First, use the systemd build tag to disable it at build time if this tag is not used. Second, use make sure systemd is used as init before trying to use healthchecks. This could be the case when we are run in a container. [NO NEW TESTS NEEDED] We do not have any non systemd VMs in CI AFAIK. Fixes containers#16644 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
github-actions
bot
added
the
locked - please file new issue/PR
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
I have a custom linux build on yocto without systemd and I had to update to podman v4.2.1. But now I am getting lots of errors due to missing systemd like "unable to get systemd connection to add healthchecks". I can work around this with the --no-healthcheck option or disable it in my compose files. But this isn't convenient for legacy containers and developers working with this linux.
Steps to reproduce the issue:
Just start any container on a system without systemd.
Describe the results you received:
Bunch of errors regarding systemd connection not possible.
Describe the results you expected:
Disable healthcheck for my whole linux yocto build by a global config option. No need for --no-healthcheck parameter or comparable for every container.
Output of
podman version:Client: Podman Engine
Version: 4.2.1-dev
API Version: 4.2.1-dev
Go Version: go1.17.13
Git Commit: 754ec89
Built: Tue Aug 16 08:54:44 2022
OS/Arch: linux/arm
Output of
podman info:host:
arch: arm
buildahVersion: 1.27.0
cgroupControllers:
cgroupManager: cgroupfs
cgroupVersion: v1
conmon:
package: Unknown
path: /usr/bin/conmon
version: 'conmon version 2.1.0, commit: 4c41ec2a215c502ad6c38ea255ac1082fa1d381d'
cpuUtilization:
idlePercent: 93.96
systemPercent: 2.79
userPercent: 3.25
cpus: 2
distribution:
distribution: unknown
version: unknown
eventLogger: file
hostname: host
idMappings:
gidmap: null
uidmap: null
kernel: 5.4.193-rt74-pxc
linkmode: dynamic
logDriver: k8s-file
memFree: 126357504
memTotal: 512741376
networkBackend: cni
ociRuntime:
name: runc
package: Unknown
path: /usr/bin/runc
version: |-
runc version 1.1.2+dev
commit: v1.1.2-9-gb507e2da-dirty
spec: 1.0.2-dev
go: go1.17.13
libseccomp: 2.5.3
os: linux
remoteSocket:
path: /run/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: false
seccompEnabled: true
seccompProfilePath: unconfined
selinuxEnabled: false
serviceIsRemote: false
slirp4netns:
executable: /usr/bin/slirp4netns
package: Unknown
version: |-
slirp4netns version 1.2.0-beta.0+dev
commit: unknown
libslirp: 4.6.1.55-888d
SLIRP_CONFIG_VERSION_MAX: 4
libseccomp: 2.5.3
swapFree: 0
swapTotal: 0
uptime: 2h 28m 21.00s (Approximately 0.08 days)
plugins:
authorization: null
log:
network:
volume:
registries:
'*.docker.io':
Blocked: false
Insecure: false
Location: ""
MirrorByDigestOnly: false
Mirrors:
Location: mirror.gcr.io
PullFromMirror: ""
Location: quay.io/libpod
PullFromMirror: ""
Prefix: '.docker.io'
PullFromMirror: ""
'.fedoraproject.org':
Blocked: false
Insecure: false
Location: registry.fedoraproject.org
MirrorByDigestOnly: false
Mirrors: null
Prefix: '*.fedoraproject.org'
PullFromMirror: ""
localhost:5000:
Blocked: false
Insecure: true
Location: localhost:5000
MirrorByDigestOnly: false
Mirrors: null
Prefix: localhost:5000
PullFromMirror: ""
search:
store:
configFile: /etc/containers/storage.conf
containerStore:
number: 3
paused: 0
running: 0
stopped: 3
graphDriverName: overlay
graphOptions:
overlay.mountopt: nodev
graphRoot: /media/rfs/rw/data/system/containers
graphRootAllocated: 7688126464
graphRootUsed: 778731520
graphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "true"
Supports d_type: "true"
Using metacopy: "false"
imageCopyTmpDir: /media/rfs/rw/data/system/containers/
imageStore:
number: 2
runRoot: /media/rfs/rw/data/system/containers_temp
volumePath: /media/rfs/rw/data/system/containers/volumes
version:
APIVersion: 4.2.1-dev
Built: 1660640084
BuiltTime: Tue Aug 16 08:54:44 2022
GitCommit: 754ec89
GoVersion: go1.17.13
Os: linux
OsArch: linux/arm
Version: 4.2.1-dev
Package info (e.g. output of
rpm -q podmanorapt list podmanorbrew info podman):The text was updated successfully, but these errors were encountered: