[systemd-devel] systemd-machined sigterm, cgroups trimmed
Lennart Poettering
lennart at poettering.net
Thu Nov 6 09:24:03 PST 2014
On Tue, 04.11.14 08:38, Major Hayden (major at mhtx.net) wrote:
> Hello there,
>
> I'm currently running systemd 216 on Fedora 21 and I've found an issue where systemd-machined stops running and cgroups are trimmed from the scope of running qemu virtual machines. The series of events looks like this:
>
> 1) OpenStack nova creates a KVM virtual machine via libvirt
> 2) Libvirt registers the VM with systemd-machined, cgroups appear
> 3) 0-300 seconds pass
> 4) systemd-machined gets a sigterm and stops
> 5) cgroups are trimmed for running virtual machines
>
> The cgroup trimming is a disaster because it removes devices.allow and devices.deny ACL's for the running virtual machine.
>
> Here is a snippet of the systemd journal with two virtual machines running. You'll see that systemd-machined gets a sigterm and stops:
>
> https://gist.github.com/major/2d76cbf0d0de0d62ce3f
>
> Shortly after systemd-machined goes offline, the cgroups are
> removed. Rebooting the hypervisor, rebooting a virtual machine, or
> building a new virtual machine will cause systemd-machined to start
> again but it will stop shortly afterwards.
I figure machined terminates because it's idle. This would suggest the
registration of the machine didn't work, or that the unit that
libvirt registered went away.
Right after the machine was started, but before machined dies, do you
see the machine's scope registered in "systemctl list-units"? Do you
see the machine show up in "machinectl"'s output?
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list