Uploaded image for project: 'Container Tools'
  1. Container Tools
  2. RUN-2468

[containers/podman] HealthCheck timer tries to execute HealthCheck when container is paused

XMLWordPrintable

    • 3
    • False
    • Hide

      None

      Show
      None
    • False
    • rhel-container-tools
    • 3
    • RUN 265, RUN 266

      [2668005028] Upstream Reporter: Jan Rodák
      Upstream issue status: Closed
      Upstream description:

      Issue Description

      When the container with the HealtCheck timer is paused. The timer is not paused and still attempts to perform a podman healthcheck run.

      Steps to reproduce the issue

      Steps to reproduce the issue

      1. cid=$(podman run -dt --replace --name hc1 --health-interval 5s --healthcheck-command 'echo test' quay.io/libpod/alpine:latest)
      2. podman pause hc1
      3. Wait a few seconds (6s)
      4. systemctl --user status ${cid}-*.{service,timer}

      Describe the results you received

      The timer runs even after the container is paused. Systemctl displays an error: Image

      Describe the results you expected

      The timer should be stopped or removed when the container is paused. If the container is unpaused, the timers should be started or recreated. The correct behavior could be the subject of discussion.

      podman info output

      host:   arch: arm64
        buildahVersion: 1.37.5
        cgroupControllers:   - cpu
        - io
        - memory
        - pids
        cgroupManager: systemd
        cgroupVersion: v2
        conmon:     package: conmon-2.1.12-2.fc40.aarch64
          path: /usr/bin/conmon
          version: 'conmon version 2.1.12, commit: '
        cpuUtilization:     idlePercent: 97.31
          systemPercent: 0.57
          userPercent: 2.12
        cpus: 6
        databaseBackend: sqlite
        distribution:     distribution: fedora
          variant: workstation
          version: "40"
        eventLogger: journald
        freeLocks: 2047
        hostname: fedora
        idMappings:     gidmap:     - container_id: 0
            host_id: 1000
            size: 1
          - container_id: 1
            host_id: 524288
            size: 65536
          uidmap:     - container_id: 0
            host_id: 1000
            size: 1
          - container_id: 1
            host_id: 524288
            size: 65536
        kernel: 6.11.7-200.fc40.aarch64
        linkmode: dynamic
        logDriver: journald
        memFree: 3732738048
        memTotal: 8296726528
        networkBackend: netavark
        networkBackendInfo:     backend: netavark
          dns:       package: aardvark-dns-1.12.2-2.fc40.aarch64
            path: /usr/libexec/podman/aardvark-dns
            version: aardvark-dns 1.12.2
          package: netavark-1.12.2-1.fc40.aarch64
          path: /usr/libexec/podman/netavark
          version: netavark 1.12.2
        ociRuntime:     name: crun
          package: crun-1.17-1.fc40.aarch64
          path: /usr/bin/crun
          version: |-
            crun version 1.17
            commit: 000fa0d4eeed8938301f3bcf8206405315bc1017
            rundir: /run/user/1000/crun
            spec: 1.0.0
            +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
        os: linux
        pasta:     executable: /usr/bin/pasta
          package: passt-0^20241030.gee7d0b6-1.fc40.aarch64
          version: |
            pasta 0^20241030.gee7d0b6-1.fc40.aarch64-pasta
            Copyright Red Hat
            GNU General Public License, version 2 or later
              <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
            This is free software: you are free to change and redistribute it.
            There is NO WARRANTY, to the extent permitted by law.
        remoteSocket:     exists: false
          path: /run/user/1000/podman/podman.sock
        rootlessNetworkCmd: pasta
        security:     apparmorEnabled: false
          capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
          rootless: true
          seccompEnabled: true
          seccompProfilePath: /usr/share/containers/seccomp.json
          selinuxEnabled: true
        serviceIsRemote: false
        slirp4netns:     executable: ""
          package: ""
          version: ""
        swapFree: 8296329216
        swapTotal: 8296329216
        uptime: 0h 18m 20.00s
        variant: v8
      plugins:   authorization: null
        log:   - k8s-file
        - none
        - passthrough
        - journald
        network:   - bridge
        - macvlan
        - ipvlan
        volume:   - local
      registries:   search:   - registry.fedoraproject.org
        - registry.access.redhat.com
        - docker.io
      store:   configFile: /home/jrodak/.config/containers/storage.conf
        containerStore:     number: 1
          paused: 1
          running: 0
          stopped: 0
        graphDriverName: overlay
        graphOptions: {}
        graphRoot: /home/jrodak/.local/share/containers/storage
        graphRootAllocated: 67014492160
        graphRootUsed: 13853306880
        graphStatus:     Backing Filesystem: btrfs
          Native Overlay Diff: "true"
          Supports d_type: "true"
          Supports shifting: "false"
          Supports volatile: "true"
          Using metacopy: "false"
        imageCopyTmpDir: /var/tmp
        imageStore:     number: 3
        runRoot: /run/user/1000/containers
        transientStore: false
        volumePath: /home/jrodak/.local/share/containers/storage/volumes
      version:   APIVersion: 5.2.5
        Built: 1729814400
        BuiltTime: Fri Oct 25 02:00:00 2024
        GitCommit: ""
        GoVersion: go1.22.7
        Os: linux
        OsArch: linux/arm64
        Version: 5.2.5
      

      Podman in a container

      No

      Privileged Or Rootless

      None

      Upstream Latest Release

      Yes

      Additional environment details

      No response

      Additional information

      This was found here.


      Upstream URL: https://github.com/containers/podman/issues/24590

              jrodak Jan Rodák
              upstream-sync Upstream Sync
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: