[Touch-packages] [Bug 1546214] Re: Docker containers lose their cgroup after systemd reload

Mon, 22 Feb 2016 02:40:57 -0800 

This is not a docker bug it affects any type of cgroup made anywhere in
the cgroup hierarchy.

Ex:

 I have service A that forks off child B.  I place B in a cgroup that I
made at /sys/fs/cgroup/cpu/mycgroup.  Reload and restart a service and
boom, systemd deletes /sys/fs/cgroup/cpu/mycgroup.  /sys/fs/cgroup is
not even in any of the systemd controlled cgroup paths, it's just nuking
things in the cgroup root that it did not create.

Also this is a security issue.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1546214

Title:
  Docker containers lose their cgroup after systemd reload

Status in docker.io package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  
  After a Systemd reload & any service restart, docker top no longer show 
process of containers:

  To reproduce this issue, do the following step:

  # docker run -d --name test busybox sleep 1d
  # docker top test
  UID                 PID                 PPID                C                 
  STIME               TTY                 TIME                CMD
  root                26416               1072                1                 
  18:05               ?                   00:00:00            sleep 1d
  # systemctl --system daemon-reload && systemctl restart atd.service
  # docker top test
  UID                 PID                 PPID                C                 
  STIME               TTY                 TIME                CMD
  [  no process listed... but sleep is still running]

  Note: this idea of restarting any service restart come from patch
  https://lists.freedesktop.org/archives/systemd-
  devel/2014-September/023276.html (which is applied to Systemd package
  in Ubuntu)

  
  After few searching, this seems to be due to process from the container being 
moved in other cgroup by Systemd. More details on 
https://github.com/docker/docker/issues/20152

  Depending on version of Systemd (Wily or Xenial), this issue:

  * Wily: Happend with Docker 1.10 (with default option)
  * Wily: Does NOT happend with Docker 1.10 and --exec-opt 
native.cgroupdriver=systemd
  * Wily: Does NOT happend with Docker 1.9
  * Xenial: Does always happend (Docker 1.9, 1.10 with or without 
native.cgroupdriver=systemd)

  
  I don't know if this issue is a Systemd issue, a Docker issue... or in middle.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1546214/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to