Uploaded image for project: 'Container Tools'
  1. Container Tools
  2. RUN-2468

[containers/podman] HealthCheck timer tries to execute HealthCheck when container is paused

XMLWordPrintable

    • 3
    • False
    • Hide

      None

      Show
      None
    • False
    • rhel-container-tools
    • 3
    • RUN 265, RUN 266

      [2668005028] Upstream Reporter: Jan Rodák
      Upstream issue status: Closed
      Upstream description:

      Issue Description

      When the container with the HealtCheck timer is paused. The timer is not paused and still attempts to perform a podman healthcheck run.

      Steps to reproduce the issue

      Steps to reproduce the issue

      1. cid=$(podman run -dt --replace --name hc1 --health-interval 5s --healthcheck-command 'echo test' quay.io/libpod/alpine:latest)
      2. podman pause hc1
      3. Wait a few seconds (6s)
      4. systemctl --user status ${cid}-*.{service,timer}

      Describe the results you received

      The timer runs even after the container is paused. Systemctl displays an error: Image

      Describe the results you expected

      The timer should be stopped or removed when the container is paused. If the container is unpaused, the timers should be started or recreated. The correct behavior could be the subject of discussion.

      podman info output

      host:   arch: arm64
  buildahVersion: 1.37.5
  cgroupControllers:   - cpu
  - io
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:     package: conmon-2.1.12-2.fc40.aarch64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.12, commit: '
  cpuUtilization:     idlePercent: 97.31
    systemPercent: 0.57
    userPercent: 2.12
  cpus: 6
  databaseBackend: sqlite
  distribution:     distribution: fedora
    variant: workstation
    version: "40"
  eventLogger: journald
  freeLocks: 2047
  hostname: fedora
  idMappings:     gidmap:     - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 524288
      size: 65536
    uidmap:     - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 524288
      size: 65536
  kernel: 6.11.7-200.fc40.aarch64
  linkmode: dynamic
  logDriver: journald
  memFree: 3732738048
  memTotal: 8296726528
  networkBackend: netavark
  networkBackendInfo:     backend: netavark
    dns:       package: aardvark-dns-1.12.2-2.fc40.aarch64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.12.2
    package: netavark-1.12.2-1.fc40.aarch64
    path: /usr/libexec/podman/netavark
    version: netavark 1.12.2
  ociRuntime:     name: crun
    package: crun-1.17-1.fc40.aarch64
    path: /usr/bin/crun
    version: |-
      crun version 1.17
      commit: 000fa0d4eeed8938301f3bcf8206405315bc1017
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:     executable: /usr/bin/pasta
    package: passt-0^20241030.gee7d0b6-1.fc40.aarch64
    version: |
      pasta 0^20241030.gee7d0b6-1.fc40.aarch64-pasta
      Copyright Red Hat
      GNU General Public License, version 2 or later
        <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
  remoteSocket:     exists: false
    path: /run/user/1000/podman/podman.sock
  rootlessNetworkCmd: pasta
  security:     apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:     executable: ""
    package: ""
    version: ""
  swapFree: 8296329216
  swapTotal: 8296329216
  uptime: 0h 18m 20.00s
  variant: v8
plugins:   authorization: null
  log:   - k8s-file
  - none
  - passthrough
  - journald
  network:   - bridge
  - macvlan
  - ipvlan
  volume:   - local
registries:   search:   - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
store:   configFile: /home/jrodak/.config/containers/storage.conf
  containerStore:     number: 1
    paused: 1
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/jrodak/.local/share/containers/storage
  graphRootAllocated: 67014492160
  graphRootUsed: 13853306880
  graphStatus:     Backing Filesystem: btrfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:     number: 3
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/jrodak/.local/share/containers/storage/volumes
version:   APIVersion: 5.2.5
  Built: 1729814400
  BuiltTime: Fri Oct 25 02:00:00 2024
  GitCommit: ""
  GoVersion: go1.22.7
  Os: linux
  OsArch: linux/arm64
  Version: 5.2.5

      Podman in a container

      No

      Privileged Or Rootless

      None

      Upstream Latest Release

      Yes

      Additional environment details

      No response

      Additional information

      This was found here.


      Upstream URL: https://github.com/containers/podman/issues/24590

              jrodak Jan Rodák
              upstream-sync Upstream Sync
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: