systemd/generate: change type to notify

Change the type of units generated with --new from "forking" to "notify". This brings Podman closer to systemd and opens up Podman to a number of use cases (see containers#5572). Units generated without --new remain with `type=forking`. I experimented a bit with adding a `--sdnotify` flag to `podman start` but it doesn't really work well since we're competing with the default sdnotify mode set during container creation. Fixes: containers#5572 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
vrothberg · Jun 4, 2021 · 9ac5267 · 9ac5267
1 parent b64e20a
commit 9ac5267
Show file tree

Hide file tree

Showing 5 changed files with 82 additions and 119 deletions.
diff --git a/pkg/systemd/generate/common.go b/pkg/systemd/generate/common.go
@@ -60,19 +60,22 @@ func filterPodFlags(command []string, argCount int) []string {
 	return processed
 }
 
-// filterCommonContainerFlags removes --conmon-pidfile, --cidfile and --cgroups from the specified command.
+// filterCommonContainerFlags removes --sdnotify, --rm and --cgroups from the specified command.
 // argCount is the number of last arguments which should not be filtered, e.g. the container entrypoint.
 func filterCommonContainerFlags(command []string, argCount int) []string {
 	processed := []string{}
 	for i := 0; i < len(command)-argCount; i++ {
 		s := command[i]
 
 		switch {
-		case s == "--conmon-pidfile", s == "--cidfile", s == "--cgroups":
+		case s == "--rm":
+			// Boolean flags support --flag and --flag={true,false}.
+			continue
+		case s == "--sdnotify", s == "--cgroups":
 			i++
 			continue
-		case strings.HasPrefix(s, "--conmon-pidfile="),
-			strings.HasPrefix(s, "--cidfile="),
+		case strings.HasPrefix(s, "--sdnotify="),
+			strings.HasPrefix(s, "--rm="),
 			strings.HasPrefix(s, "--cgroups="):
 			continue
 		}

diff --git a/pkg/systemd/generate/common_test.go b/pkg/systemd/generate/common_test.go
@@ -93,22 +93,22 @@ func TestFilterCommonContainerFlags(t *testing.T) {
 		},
 		{
 			[]string{"podman", "run", "--conmon-pidfile", "foo", "alpine"},
-			[]string{"podman", "run", "alpine"},
+			[]string{"podman", "run", "--conmon-pidfile", "foo", "alpine"},
 			1,
 		},
 		{
 			[]string{"podman", "run", "--conmon-pidfile=foo", "alpine"},
-			[]string{"podman", "run", "alpine"},
+			[]string{"podman", "run", "--conmon-pidfile=foo", "alpine"},
 			1,
 		},
 		{
 			[]string{"podman", "run", "--cidfile", "foo", "alpine"},
-			[]string{"podman", "run", "alpine"},
+			[]string{"podman", "run", "--cidfile", "foo", "alpine"},
 			1,
 		},
 		{
 			[]string{"podman", "run", "--cidfile=foo", "alpine"},
-			[]string{"podman", "run", "alpine"},
+			[]string{"podman", "run", "--cidfile=foo", "alpine"},
 			1,
 		},
 		{
@@ -122,25 +122,15 @@ func TestFilterCommonContainerFlags(t *testing.T) {
 			1,
 		},
 		{
-			[]string{"podman", "run", "--cgroups", "foo", "--conmon-pidfile", "foo", "--cidfile", "foo", "alpine"},
+			[]string{"podman", "run", "--cgroups=foo", "--rm", "alpine"},
 			[]string{"podman", "run", "alpine"},
 			1,
 		},
 		{
-			[]string{"podman", "run", "--cgroups=foo", "--conmon-pidfile=foo", "--cidfile=foo", "alpine"},
-			[]string{"podman", "run", "alpine"},
-			1,
-		},
-		{
-			[]string{"podman", "run", "--cgroups", "foo", "--conmon-pidfile", "foo", "--cidfile", "foo", "alpine", "--cgroups", "foo", "--conmon-pidfile", "foo", "--cidfile", "foo"},
-			[]string{"podman", "run", "alpine", "--cgroups", "foo", "--conmon-pidfile", "foo", "--cidfile", "foo"},
+			[]string{"podman", "run", "--cgroups", "--rm=bogus", "alpine", "--cgroups", "foo", "--conmon-pidfile", "foo", "--cidfile", "foo", "--rm"},
+			[]string{"podman", "run", "alpine", "--cgroups", "foo", "--conmon-pidfile", "foo", "--cidfile", "foo", "--rm"},
 			7,
 		},
-		{
-			[]string{"podman", "run", "--cgroups=foo", "--conmon-pidfile=foo", "--cidfile=foo", "alpine", "--cgroups=foo", "--conmon-pidfile=foo", "--cidfile=foo"},
-			[]string{"podman", "run", "alpine", "--cgroups=foo", "--conmon-pidfile=foo", "--cidfile=foo"},
-			4,
-		},
 	}
 
 	for _, test := range tests {

diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go
@@ -25,6 +25,10 @@ type containerInfo struct {
 	ServiceName string
 	// Name or ID of the container.
 	ContainerNameOrID string
+	// Type of the unit.
+	Type string
+	// NotifyAccess of the unit.
+	NotifyAccess string
 	// StopTimeout sets the timeout Podman waits before killing the container
 	// during service stop.
 	StopTimeout uint
@@ -102,10 +106,19 @@ TimeoutStopSec={{{{.TimeoutStopSec}}}}
 ExecStartPre={{{{.ExecStartPre}}}}
 {{{{- end}}}}
 ExecStart={{{{.ExecStart}}}}
+{{{{- if .ExecStop}}}}
 ExecStop={{{{.ExecStop}}}}
+{{{{- end}}}}
+{{{{- if .ExecStopPost}}}}
 ExecStopPost={{{{.ExecStopPost}}}}
+{{{{- end}}}}
+{{{{- if .PIDFile}}}}
 PIDFile={{{{.PIDFile}}}}
-Type=forking
+{{{{- end}}}}
+Type={{{{.Type}}}}
+{{{{- if .NotifyAccess}}}}
+NotifyAccess={{{{.NotifyAccess}}}}
+{{{{- end}}}}
 
 [Install]
 WantedBy=multi-user.target default.target
@@ -208,6 +221,7 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst
 		info.Executable = executable
 	}
 
+	info.Type = "forking"
 	info.EnvVariable = define.EnvVariable
 	info.ExecStart = "{{{{.Executable}}}} start {{{{.ContainerNameOrID}}}}"
 	info.ExecStop = "{{{{.Executable}}}} stop {{{{if (ge .StopTimeout 0)}}}}-t {{{{.StopTimeout}}}}{{{{end}}}} {{{{.ContainerNameOrID}}}}"
@@ -221,8 +235,12 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst
 	// invalid `info.CreateCommand`.  Hence, we're doing a best effort unit
 	// generation and don't try aiming at completeness.
 	if options.New {
-		info.PIDFile = "%t/" + info.ServiceName + ".pid"
-		info.ContainerIDFile = "%t/" + info.ServiceName + ".ctr-id"
+		info.Type = "notify"
+		info.NotifyAccess = "all"
+		info.PIDFile = ""
+		info.ContainerIDFile = ""
+		info.ExecStop = ""
+		info.ExecStopPost = ""
 		// The create command must at least have three arguments:
 		// 	/usr/bin/podman run $IMAGE
 		index := 0
@@ -245,9 +263,9 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst
 		}
 		startCommand = append(startCommand,
 			"run",
-			"--conmon-pidfile", "{{{{.PIDFile}}}}",
-			"--cidfile", "{{{{.ContainerIDFile}}}}",
+			"--sdnotify=conmon",
 			"--cgroups=no-conmon",
+			"--rm",
 		)
 		remainingCmd := info.CreateCommand[index:]
 
@@ -336,11 +354,7 @@ func executeContainerTemplate(info *containerInfo, options entities.GenerateSyst
 
 		startCommand = append(startCommand, remainingCmd...)
 		startCommand = escapeSystemdArguments(startCommand)
-
-		info.ExecStartPre = "/bin/rm -f {{{{.PIDFile}}}} {{{{.ContainerIDFile}}}}"
 		info.ExecStart = strings.Join(startCommand, " ")
-		info.ExecStop = "{{{{.Executable}}}} {{{{if .RootFlags}}}}{{{{ .RootFlags}}}} {{{{end}}}}stop --ignore --cidfile {{{{.ContainerIDFile}}}} {{{{if (ge .StopTimeout 0)}}}}-t {{{{.StopTimeout}}}}{{{{end}}}}"
-		info.ExecStopPost = "{{{{.Executable}}}} {{{{if .RootFlags}}}}{{{{ .RootFlags}}}} {{{{end}}}}rm --ignore -f --cidfile {{{{.ContainerIDFile}}}}"
 	}
 
 	info.TimeoutStopSec = minTimeoutStopSec + info.StopTimeout