[systemd-devel] [PATCH 2/3] nspawn: make nspawn able to cleanly terminate on container errors

Djalal Harouni tixxdz at opendz.org
Fri May 2 04:17:56 PDT 2014


On Fri, Apr 25, 2014 at 08:12:13PM +0200, Tom Gundersen wrote:
> On Fri, Apr 11, 2014 at 2:45 AM, Djalal Harouni <tixxdz at opendz.org> wrote:
> > nspawn and the container child use eventfd to wait and notify each other
> > that they are ready so the container setup can be completed.
> >
> > However, in its current form the wait/notify event ignores errors that
> > may especially affect the child (container).
> >
> > On errors the child will jump to the "child_fail" label and terminate
> > with _exit(EXIT_FAILURE) without notifying the parent. Since the eventfd
> > is created without the "EFD_NONBLOCK" flag, this leaves the parent
> > blocking on the eventfd_read() call.
> >
> > To fix this without adding extra overheads, we keep the eventfd logic
> > and improve it by adding:
> >
> > * States of the parent and child setups:
> >   SETUP_INIT, SETUP_SUCCEEDED and SETUP_FAILED
> >
> > * In the child if the setup succeeded we notify parent by writing a
> >   SETUP_SUCCEEDED value, otherwise we make sure to write a SETUP_FAILED
> >   before the _exit(). This prevents the parent from waiting on an event
> >   that will never come.
> >
> > * In parent read the child setup state, if SETUP_SUCCEEDED continue,
> >   otherwise jump to "check_container_status" label, get the container
> >   child status and release resources.
> >
> > https://bugs.freedesktop.org/show_bug.cgi?id=76193
> >
> > Reported-by: Tobias Hunger <tobias.hunger at gmail.com>
> 
> Looks good to me.
Thanks!

Just to inform you that I've come up with an RFC patch that will make
systemd nspawn robust to different signal/terminate races using eventfd.

So please hold off on this one! I'll clean it up and post it later today.

> Cheers,
> 
> Tom

-- 
Djalal Harouni
http://opendz.org
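
The wait/notify handshake from the quoted commit message, as an added C example that is not part of the patch or of systemd. The state names are from the commit message; their numeric values, `run_container()` and `child_setup()` are assumptions made for illustration.

```c
#include <stdlib.h>
#include <sys/eventfd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* State names come from the commit message; the numeric values are assumed.
 * They must be non-zero when written: an eventfd write of 0 wakes nobody. */
enum { SETUP_INIT = 0, SETUP_SUCCEEDED = 1, SETUP_FAILED = 2 };

/* Hypothetical stand-in for the container setup; fails on request. */
static int child_setup(int should_fail) { return should_fail ? -1 : 0; }

/* Fork a child, wait for its setup state on a blocking eventfd, reap it.
 * Returns the state the child reported, or -1 on a local error. */
int run_container(int should_fail) {
    eventfd_t state = SETUP_INIT;
    int efd = eventfd(0, EFD_CLOEXEC);   /* no EFD_NONBLOCK: reads block */
    if (efd < 0)
        return -1;

    pid_t pid = fork();
    if (pid < 0) {
        close(efd);
        return -1;
    }
    if (pid == 0) {
        /* Child: report the outcome on every exit path, so the parent's
         * eventfd_read() always returns. */
        int failed = child_setup(should_fail) < 0;
        eventfd_write(efd, failed ? SETUP_FAILED : SETUP_SUCCEEDED);
        _exit(failed ? EXIT_FAILURE : EXIT_SUCCESS);
    }

    /* Parent: blocks until the child has written a non-zero state. */
    int r = eventfd_read(efd, &state);
    close(efd);
    int status;
    waitpid(pid, &status, 0);            /* collect the child status */
    if (r < 0)
        return -1;
    return (int) state;
}

int main(void) {
    return run_container(0) == SETUP_SUCCEEDED && run_container(1) == SETUP_FAILED ? 0 : 1;
}
```

This covers only the setup-error path from the commit message; a child that is killed by a signal before it writes would still leave the parent blocked in `eventfd_read()`.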

