Fix ungraceful shutdown of NGINX #1501
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Wouldn't it be better to handle the SIGQUIT too in the code, so we don't differ too much from the base image? |
|
@lucacome since we have control (in the Dockerfile) over what signal is sent to IC, I don't see a point of handling multiple signals, when handling |
|
You linked a document saying that not every runtime will respect the |
|
@lucacome could you give an example when a runtime will send a SIGQUIT? |
lucacome
previously requested changes
Apr 5, 2021
|
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days. |
To shutdown the IC container, the container runtime sends a signal to it (SIGTERM by default). The IC handles the SIGTERM signal - after receiving it, it will gracefully shutdown NGINX and exit. The termination signal can be customized in the Dockerfile via STOPSIGNAL. In nginxinc/docker-nginx@3fb70dd the STOPSIGNAL in the NGINX base images was changed from SIGTERM to SIGQUIT. Because the IC didn't register a handler for SIGQUIT, the IC would terminate immediately with a stack dump. As a result, the NGINX wasn't gracefully shutdown, meaning any inflight requests were aborted. This commits explicitly configures STOPSIGNAL to SIGTERM in the Dockerfiles, which overrides any value set in the base images. This restores graceful shutdown of NGINX. The bug only affected NGINX images, because NGINX Plus images use different base images without configured STOPSIGNAL.
|
rebased against the master branch |
soneillf5
approved these changes
Jun 15, 2021
ciarams87
approved these changes
Jun 15, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To shutdown the IC container, the container runtime sends a signal
to it (SIGTERM by default). The IC handles the SIGTERM signal - after
receiving it, it will gracefully shutdown NGINX and exit.
The termination signal can be customized in the Dockerfile via
STOPSIGNAL. In nginxinc/docker-nginx@3fb70dd
the STOPSIGNAL in the NGINX base images was changed from SIGTERM to
SIGQUIT. Because the IC didn't register a handler for SIGQUIT, the IC
would terminate immediately with a stack dump. As a result, the NGINX
wasn't gracefully shutdown, meaning any inflight requests were aborted.
This commits explicitly configures STOPSIGNAL to SIGTERM in the
Dockerfiles, which overrides any value set in the base images. This
restores graceful shutdown of NGINX.
The bug only affected NGINX images, because NGINX Plus images use
different base images without configured STOPSIGNAL.
while not requred, I added STOPSIGNAL to build/DockerfileWithAppProtectForPlusForOpenShift for consistency