[pve-devel] [PATCH container] use the lxc@ service file provded by lxc

Wolfgang Bumiller w.bumiller at proxmox.com
Thu Feb 2 11:21:38 CET 2017 

Until now the lxc-start process was sort of a danglign
process in the pvedaemon.service cgroup when a container was
started from the web UI causing long stalls when trying to
restart pvedaemon and potential container kills. (Mostly
problematic when issuing package upgrades).
We now start containers via the lxc@ service file giving
them their own service cgroup.

The downside is that we'll have to patch the lxc@ service
file in the lxc package to Type=forking without the -F
option otherwise all of the the containers' console outputs
will end up in the logs...
---
The upside is that we get to kill that whole forking mess in
the post-stop hook and can just use systemctl --no-block restart lxc at vmid
(after updating the lxc config of course)

 src/PVE/API2/LXC/Status.pm |  2 +-
 src/PVE/VZDump/LXC.pm      |  2 +-
 src/lxc-pve-poststop-hook  | 21 +++++++--------------
 3 files changed, 9 insertions(+), 16 deletions(-)

diff --git a/src/PVE/API2/LXC/Status.pm b/src/PVE/API2/LXC/Status.pm
index 8c389f7..a3d11f1 100644
--- a/src/PVE/API2/LXC/Status.pm
+++ b/src/PVE/API2/LXC/Status.pm
@@ -178,7 +178,7 @@ __PACKAGE__->register_method({
 
 		    local $ENV{PVE_SKIPLOCK}=1 if $skiplock;
 
-		    my $cmd = ['lxc-start', '-n', $vmid];
+		    my $cmd = ['systemctl', 'start', "lxc\@$vmid"];
 
 		    run_command($cmd);
 
diff --git a/src/PVE/VZDump/LXC.pm b/src/PVE/VZDump/LXC.pm
index 0d871a1..fafffc6 100644
--- a/src/PVE/VZDump/LXC.pm
+++ b/src/PVE/VZDump/LXC.pm
@@ -260,7 +260,7 @@ sub stop_vm {
 sub start_vm {
     my ($self, $task, $vmid) = @_;
 
-    $self->cmd ("lxc-start -n $vmid");
+    $self->cmd(['systemctl', 'start', "lxc\@$vmid"]);
 }
 
 sub suspend_vm {
diff --git a/src/lxc-pve-poststop-hook b/src/lxc-pve-poststop-hook
index b8524cc..a4302d6 100755
--- a/src/lxc-pve-poststop-hook
+++ b/src/lxc-pve-poststop-hook
@@ -74,21 +74,14 @@ __PACKAGE__->register_method ({
 
 	my $target = $ENV{LXC_TARGET};
 	if ($target && $target eq 'reboot') {
-	    # in order to make sure hot-plugged config changes aren't reverted
+	    # In order to make sure hot-plugged config changes aren't reverted
 	    # to what the monitor initially loaded we need to stop the container
-	    # and restart it
-	    local $SIG{HUP} = 'IGNORE';
-	    my $pid = fork();
-	    die "fork failed during container reboot: $!\n" if !defined($pid);
-	    if (!$pid) {
-		POSIX::setsid();
-		close STDIN;
-		close STDOUT;
-		close STDERR;
-		PVE::LXC::update_lxc_config($vmid, $conf);
-		exec {'lxc-start'} 'lxc-start', '-n', $vmid
-		or POSIX::_exit(-1);
-	    }
+	    # and restart it.
+	    # Update the config and queue a restart of the lxc@$vmid task, note
+	    # that we must not block because we're part of the service cgroup
+	    # systemd waits for to die before issuing the new lxc-start command.
+	    PVE::LXC::update_lxc_config($vmid, $conf);
+	    PVE::Tools::run_command(['systemctl', '--no-block', 'restart', "lxc\@$vmid"]);
 	    # cause lxc to stop instead of rebooting
 	    POSIX::_exit(1);
 	}
-- 
2.1.4

More information about the pve-devel mailing list