use KillMode=process for salt-minion.service #44427
Conversation
|
I think I need to add more description to attract attention :) As you know systemd lock service processes in cgroup, and all child processes. And default behavior to during service stop/restart - kill all processes in that group( sometimes really annoying ) You can easily run in situation then systemd kills process that you do not expect. check for dhclient process Stop salt-minion it's not comfortably to use systemd-run for such processes, especially if we have that option for suse packages https://github.com/saltstack/salt/blob/develop/pkg/suse/salt-minion.service#L10 @cachedout could you take a look ? |
cachedout
requested review from
gtmanfred
and removed request for
terminalmage
|
@gtmanfred Can you please review this? |
There was a problem hiding this comment.
I agree with doing this. But the last time we did this, I was told we ran into problems so we removed it, which is why @terminalmage removed it when he wrote all the systemd-run stuff to reparent the dpkg/apt and rpm/yum commands into a seperate scope so that it would not get killed in the middle of the run.
I would still say that erik needs to review it, then we need to make sure that @dmurphy18 knows about it to include it in the new packages in salt-pack.
|
I want Erik's review given he has better knowledge on the issue. |
|
Hi guys. With that we achieve same behavior. It works for us and we do not have issues. It will be good to have that option from packages. |
|
@terminalmage do you have any opinions on this PR |
|
I honestly don't know what the best way to go is on this. I believe that we removed it because having it in place meant that Salt relied on our own signal handling to bring down the processes after the main PID exited, and there were certain circumstances in which they didn't. I wouldn't recommend adding it back until it is thoroughly tested and we can confirm that we aren't leaving extra processes running. |
|
@terminalmage I do not know all history to advocate, but if it could be an issue why do you enable that option for SUSE?have just checker rpm in salt repo part of salt-minion.service from rpm What test do you need to approve that change ? |
|
We do not manage the suse packages. SUSE packages those, and then we just pull them down to our repo page. Daniel |
|
ok, that adds more input for me |
|
I agree with @terminalmage on this one. Especially in regards to:
Since we have gone back and forth on this line somewhat recently, I'd really like to make sure this is thoroughly tested before making any changes so as not to cause regressions. I tracked down the PR that originally explains the issue that removing this line was attempting to solve. It's in #36806. |
|
I followed up on this with @terminalmage today. @frogunder has tested this and given it the green light. Let's get this in. This also fixes #43340. @dmurphy18 - FYI. This is going in here to develop, but I am also going to back-port it for 2017.7 as it fixes a blocking bug there. Thanks @samodid :) |
rallytime
added
the
ZZZ[Done]-back-ported-bf
What does this PR do?
Set KillMode=process for salt-minion systemd service.
What issues does this PR fix or reference?
With KillMode=process systemd will not kill all process in same group. (default is KillMode=control-group, man 5 systemd.kill )
That allow shutdown(upgrade) salt-minion without side effects.
Previous Behavior
Systemd kill all processes in same group.
New Behavior
only the main process itself is killed.
Tests written?
No
Commits signed with GPG?
No
Please review Salt's Contributing Guide for best practices.
See GitHub's page on GPG signing for more information about signing commits with GPG.