[systemd-devel] Shutting down service using systemd-nspawn

Peter Paule systemd-devel at fedux.org
Tue Feb 24 00:39:13 PST 2015 

Hi, any suggestions to cleanly shutdown containers?

If using defaults in a service file for stopping a container started with
nspawn it will be killed by SIGTERM/SIGKILL. This makes  
"systemd-nspawn" to exit with
"1" and the unit is marked as failed.

   nginx at example_org.service - Webservice for example_org
      Loaded: loaded (/etc/systemd/system/nginx at .service; enabled;  
vendor preset: disabled)
      Active: failed (Result: exit-code) since Tue 2015-02-24 08:11:54  
UTC; 25ms ago
     Process: 17351 ExecStart=/usr/bin/systemd-nspawn --register=no  
--ephemeral --bind-ro ${SSL_DIR}:/etc/ssl/nginx --bind-ro  
${WWW_DIR}:/srv/www --bind ${LOG_DIR}:/var/log/nginx/ --bind-ro  
${SITES_DIR}:/etc/nginx/sites-enabled/ --bind-ro  
${CONFIG_DIR}:/etc/nginx/other-config/ -M docker-centos-nginx  
/usr/sbin/nginx (code=exited, status=1/FAILURE)
    Main PID: 17351 (code=exited, status=1/FAILURE)

   Feb 24 08:11:51 example_org systemd[1]: Started Webservice for example_org.
   Feb 24 08:11:51 example_org systemd[1]: Starting Webservice for  
example_org...
   Feb 24 08:11:51 example_org systemd-nspawn[17351]: Spawning  
container docker-centos-nginx on  
/var/lib/machines/.#docker-centos-nginxdeb35c84dd7f62e9.
   Feb 24 08:11:51 example_org systemd-nspawn[17351]: Press ^] three  
times within 1s to kill container.
   Feb 24 08:11:54 example_org systemd[1]: Stopping Webservice for  
example_org...
   Feb 24 08:11:54 example_org systemd-nspawn[17351]: Container  
docker-centos-nginx terminated by signal KILL.
   Feb 24 08:11:54 example_org systemd[1]: nginx at example_org.service:  
main process exited, code=exited, status=1/FAILURE
   Feb 24 08:11:54 example_org systemd[1]: Stopped Webservice for example_org.
   Feb 24 08:11:54 example_org systemd[1]: Unit  
nginx at example_org.service entered failed state.
   Feb 24 08:11:54 example_org systemd[1]: nginx at example_org.service failed.

For now I'm doing this:

   [Unit]
   Description=Webservice for %I

   [Service]
   EnvironmentFile=/etc/default/machines/%I.conf
   Environment="WWW_DIR=/srv/machines/%I/current"
   Environment="LOG_DIR=/var/log/machines/%I"
   Environment="SITES_DIR=/etc/machines/%I/sites-enabled"
   Environment="CONFIG_DIR=/etc/machines/%I/other-config"
   Environment="SSL_DIR=/etc/ssl/machines/%I"
   ExecStart=/usr/bin/systemd-nspawn --register=no --ephemeral  
--bind-ro ${SSL_DIR}:/etc/ssl/nginx --bind-ro ${WWW_DIR}:/srv/www  
--bind ${LOG_DIR}:/var/log/nginx/ --bind-ro  
${SITES_DIR}:/etc/nginx/sites-enabled/ --bind-ro  
${CONFIG_DIR}:/etc/nginx/other-config/ -M docker-centos-nginx  
/usr/sbin/nginx
   KillMode=process
   KillSignal=SIGINT
   # TimeoutStopSec=10
   SendSIGKILL=no

   [Install]
   WantedBy=network.target

Using

   KillSignal=SIGINT

will make "nspawn" to exit with "0".

The thing I definitely do not like is

   SendSIGKILL=no

but setting

   TimeoutStopSec=10

does not work, maybe because of  
"http://lists.freedesktop.org/archives/systemd-devel/2014-December/025778.html".

/pp

More information about the systemd-devel mailing list