[lxc-devel] Shutting down containers properly
Jäkel, Guido
G.Jaekel at dnb.de
Fri May 25 12:36:30 UTC 2012
Dear Christian,
my lxc management script uses lxc-stop just for an emergency action called "fored-stop" and it will be also applied, if a normal "stop" (alias "halt") action will timeout after 5min. For this normal shutdown (or reboot) of a container, I'm sending just a SIGPWR (or SIGINT) to the containers init (sysvinit) process. This will result into the same actions as one will call 'poweroff' or 'reboot' inside it.
[...]
kill -$SIGNAL $INIT_PID
timeout 5m lxc-wait -n $CONTAINER -s "STOPPED" \
|| ( lxc-stop --name $CONTAINER && LOG "shutdown timed out, \"$CONTAINER\" killed!" )
[...]
To support the (well documented) SIGPWR feature, with my Gentoo distro I had to add the line " pf:12345:powerwait:/sbin/halt" to /etc/inittab. Using other init systems, at least SIGINT should act on the same way but they also need some fiddling to support SIGPWR.
>From that, executing "shutdown" via lxc-attatch might be more universal -- if it will work in future!
Guido
>-----Original Message-----
>From: Christian Seiler [mailto:christian at iwakd.de]
>Sent: Friday, May 25, 2012 1:56 PM
>To: lxc-devel at lists.sourceforge.net
>Subject: [Spam-Wahrscheinlichkeit=99][lxc-devel] Shutting down containers properly
>
>Hi,
>
>Currently, lxc-stop sends SIGKILL to the init process of the container,
>which causes all the other processes in the container to also receive
>a SIGKILL. I don't think that is a good course of action, since sending
>SIGKILL to for example a database server can lead to potential data
>loss.
>
>A much better way of stopping containers would be in my opinion to
>first send the container a shutdown signal - and then wait for a
>specified amount of time before really killing the container with a
>KILL signal.
>
>Unfortunately, no init system will react to SIGTERM and shut down the
>container, so it is not quite as easy.
More information about the lxc-devel
mailing list