clarify kill and delete operation for shared pid namespace container #1234
Conversation
lifubang
requested review from
AkihiroSuda,
crosbymichael,
cyphar,
dqminh,
giuseppe,
hqhq,
kolyshkin,
mrunalp,
thaJeztah,
tianon,
vbatts and
utam0k
as code owners
|
@opencontainers/runtime-spec-maintainers PTAL, we need this PR to make a decision how to fix a bug in |
runtime.md
Outdated
| @@ -129,18 +129,19 @@ This operation MUST run the user-specified program as specified by [`process`](c | |||
| This operation MUST generate an error if `process` was not set. | |||
|
|
|||
| ### <a name="runtimeKill" />Kill | |||
| `kill <container-id> <signal>` | |||
| `kill <container-id> [-a,--all] <signal>` | |||
There was a problem hiding this comment.
Duplicate of
There was a problem hiding this comment.
OK, I changed this PR to clarify kill and delete operation for shared pid namespace container, let's discuss -a in #1190 .
lifubang
force-pushed
the
feat-kill-delete
branch
from
126ee4a
to
bd914e5
Compare
lifubang
changed the title
I wonder we should change this rule or not? |
|
@lifubang the operation can be function or command-line. However, the |
Yes, but the command line implementation is (currently) out of the scope of the OCI Runtime Spec. |
How about add |
Adding the CLI spec to the Runtime Spec was once rejected in 2017 (#513 (comment)) and accepted in the runtime-tools repo: https://github.com/opencontainers/runtime-tools/blob/master/docs/command-line-interface.md I guess we can revisit this, but it is beyond the scope of this PR. (Feel free to open an issue/PR) |
Thanks. We should discuss it in other pr (I also received the runc maintainer's comment about introducing new flag opencontainers/runc#4045) |
runtime.md
Outdated
|
|
||
| This operation MUST send the specified signal to the container's init process. | ||
|
|
||
| Specially, if the signal is `SIGKILL` and the container does not use its own private PID namespace, this operation MUST send the `SIGKILL` signal to all the processes in the container, even if the container's state is `stopped`. If there is no process left in this type container, the operation MUST [generate an error](#errors). |
There was a problem hiding this comment.
s/does not use/does not have/- Traditionally,
runc kill -adoes not result in an error even if there are no processes left. I'm not sure if we want to change it here.
There was a problem hiding this comment.
2. Traditionally,
runc kill -adoes not result in an error even if there are no processes left. I'm not sure if we want to change it here.
Yes, I think we should not result in an error here, I'll remove these words later.
runtime.md
Outdated
| Deleting a container MUST delete the resources that were created during the `create` step. | ||
|
|
||
| Specially, when deleting a container, which does not use its own private PID namespace, the operation should ensure kill all processes in this type container, and ensure no process left in it. |
There was a problem hiding this comment.
s/does not use/does not have/
s/should ensure kill all processes/SHOULD kill all processes/
s/and ensure no process left in it./and return an error if those processes can not be killed./
lifubang
force-pushed
the
feat-kill-delete
branch
from
bd914e5
to
7c32f46
Compare
Signed-off-by: lfbzhm <[email protected]>
lifubang
force-pushed
the
feat-kill-delete
branch
from
7c32f46
to
9eadaa0
Compare
|
@opencontainers/runtime-spec-maintainers PTAL |
There was no description for delete a container which doesn't have it's own private pid namespace, so it may cause some break changes when we do code refactor in this area.
Maybe we should add some descriptions for this.
In fact,container-runtime kill [-a,--all] container_id signal]andcontainer-runtime delete [-f,--force] container_idhas been used by upstream projects for many years, but it isn't defined inruntime-spec. It may cause some break changes when we do code refactor in this area.So, maybe we should define it clearly inruntime-spec.background: opencontainers/runc#4049