[Bug 1546214] Re: Docker containers lose their cgroup after systemd reload

Michael Crosby crosbymichael at gmail.com
Fri Feb 19 19:07:00 UTC 2016


This is not a docker bug it affects any type of cgroup made anywhere in
the cgroup hierarchy.

Ex:

 I have service A that forks off child B.  I place B in a cgroup that I
made at /sys/fs/cgroup/cpu/mycgroup.  Reload and restart a service and
boom, systemd deletes /sys/fs/cgroup/cpu/mycgroup.  /sys/fs/cgroup is
not even in any of the systemd controlled cgroup paths, it's just nuking
things in the cgroup root that it did not create.

Also this is a security issue.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1546214

Title:
  Docker containers lose their cgroup after systemd reload

Status in docker.io package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  
  After a Systemd reload & any service restart, docker top no longer show process of containers:

  To reproduce this issue, do the following step:

  # docker run -d --name test busybox sleep 1d
  # docker top test
  UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
  root                26416               1072                1                   18:05               ?                   00:00:00            sleep 1d
  # systemctl --system daemon-reload && systemctl restart atd.service
  # docker top test
  UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
  [  no process listed... but sleep is still running]

  Note: this idea of restarting any service restart come from patch
  https://lists.freedesktop.org/archives/systemd-
  devel/2014-September/023276.html (which is applied to Systemd package
  in Ubuntu)

  
  After few searching, this seems to be due to process from the container being moved in other cgroup by Systemd. More details on https://github.com/docker/docker/issues/20152

  Depending on version of Systemd (Wily or Xenial), this issue:

  * Wily: Happend with Docker 1.10 (with default option)
  * Wily: Does NOT happend with Docker 1.10 and --exec-opt native.cgroupdriver=systemd
  * Wily: Does NOT happend with Docker 1.9
  * Xenial: Does always happend (Docker 1.9, 1.10 with or without native.cgroupdriver=systemd)

  
  I don't know if this issue is a Systemd issue, a Docker issue... or in middle.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1546214/+subscriptions



More information about the foundations-bugs mailing list