[Bug 1546214] Re: Docker containers lose their cgroup after systemd reload
Michael Crosby
crosbymichael at gmail.com
Fri Feb 19 19:07:00 UTC 2016
This is not a docker bug it affects any type of cgroup made anywhere in
the cgroup hierarchy.
Ex:
I have service A that forks off child B. I place B in a cgroup that I
made at /sys/fs/cgroup/cpu/mycgroup. Reload and restart a service and
boom, systemd deletes /sys/fs/cgroup/cpu/mycgroup. /sys/fs/cgroup is
not even in any of the systemd controlled cgroup paths, it's just nuking
things in the cgroup root that it did not create.
Also this is a security issue.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1546214
Title:
Docker containers lose their cgroup after systemd reload
Status in docker.io package in Ubuntu:
Confirmed
Status in systemd package in Ubuntu:
Confirmed
Bug description:
After a Systemd reload & any service restart, docker top no longer show process of containers:
To reproduce this issue, do the following step:
# docker run -d --name test busybox sleep 1d
# docker top test
UID PID PPID C STIME TTY TIME CMD
root 26416 1072 1 18:05 ? 00:00:00 sleep 1d
# systemctl --system daemon-reload && systemctl restart atd.service
# docker top test
UID PID PPID C STIME TTY TIME CMD
[ no process listed... but sleep is still running]
Note: this idea of restarting any service restart come from patch
https://lists.freedesktop.org/archives/systemd-
devel/2014-September/023276.html (which is applied to Systemd package
in Ubuntu)
After few searching, this seems to be due to process from the container being moved in other cgroup by Systemd. More details on https://github.com/docker/docker/issues/20152
Depending on version of Systemd (Wily or Xenial), this issue:
* Wily: Happend with Docker 1.10 (with default option)
* Wily: Does NOT happend with Docker 1.10 and --exec-opt native.cgroupdriver=systemd
* Wily: Does NOT happend with Docker 1.9
* Xenial: Does always happend (Docker 1.9, 1.10 with or without native.cgroupdriver=systemd)
I don't know if this issue is a Systemd issue, a Docker issue... or in middle.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1546214/+subscriptions
More information about the foundations-bugs
mailing list