Dear Christian, my lxc management script uses lxc-stop just for an emergency action called "fored-stop" and it will be also applied, if a normal "stop" (alias "halt") action will timeout after 5min. For this normal shutdown (or reboot) of a container, I'm sending just a SIGPWR (or SIGINT) to the containers init (sysvinit) process. This will result into the same actions as one will call 'poweroff' or 'reboot' inside it.
[...] kill -$SIGNAL $INIT_PID timeout 5m lxc-wait -n $CONTAINER -s "STOPPED" \ || ( lxc-stop --name $CONTAINER && LOG "shutdown timed out, \"$CONTAINER\" killed!" ) [...] To support the (well documented) SIGPWR feature, with my Gentoo distro I had to add the line " pf:12345:powerwait:/sbin/halt" to /etc/inittab. Using other init systems, at least SIGINT should act on the same way but they also need some fiddling to support SIGPWR. >From that, executing "shutdown" via lxc-attatch might be more universal -- if >it will work in future! Guido >-----Original Message----- >From: Christian Seiler [mailto:christ...@iwakd.de] >Sent: Friday, May 25, 2012 1:56 PM >To: lxc-devel@lists.sourceforge.net >Subject: [Spam-Wahrscheinlichkeit=99][lxc-devel] Shutting down containers >properly > >Hi, > >Currently, lxc-stop sends SIGKILL to the init process of the container, >which causes all the other processes in the container to also receive >a SIGKILL. I don't think that is a good course of action, since sending >SIGKILL to for example a database server can lead to potential data >loss. > >A much better way of stopping containers would be in my opinion to >first send the container a shutdown signal - and then wait for a >specified amount of time before really killing the container with a >KILL signal. > >Unfortunately, no init system will react to SIGTERM and shut down the >container, so it is not quite as easy. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
