Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A way to kill the container by signaling docker run #5489

Open
adamnovak opened this issue Oct 1, 2024 · 3 comments
Open

A way to kill the container by signaling docker run #5489

adamnovak opened this issue Oct 1, 2024 · 3 comments
Assignees
@laurazard
Labels
kind/feature status/0-triage

Comments

@adamnovak
Copy link

Description

The docker run --sig-proxy can't forward SIGKILL because it can't actually receive it without dying itself. But this means there's no way to send SIGKILL to the contained process by signaling docker run, and thus, as far as I can tell, no way to achieve the effect of docker kill and reliably destroy the attached container by signaling docker run.

I would like to be able to configure docker run to tear down the attached container upon receiving some signal (maybe SIGTERM or SIGHUP), regardless of whether it was started with --init or what the PID 1 process inside chooses to do in response to signals.

Workarounds for not having this feature:

  • Use --init (and hope you didn't need your container's own init process or handling of any signals that Docker's init uses, and that Docker's init doesn't hang or get a gdb attached to it or otherwise malfunction).
  • Use a shell script that wraps docker run, traps a signal, and issues a docker kill.
@laurazard
Copy link
Member

Oh! I was about to start writing a comment saying that I believed that signalling the docker run process with SIGINT three times caused a ContainerKill call to be made with KILL signal, but I guess I'm either confusing that with the Compose behavior during teardown, or I'm just misremembering something (such as the CLI forcefully exiting after 3 signals – but not signalling the container).

I'd support implementing something like that – would that address your usecase? cc @thaJeztah

@laurazard laurazard self-assigned this Oct 4, 2024
@thaJeztah
Copy link
Member

Also related ticket from @adamnovak in moby/moby;

@adamnovak
Copy link
Author

I think the job manager I am using that motivated this can only send a signal once, not repeatedly. I'm really looking for something like --kill-container-on-hup so I can change some particular signal from being forwarded to prompting container teardown instead. Then I could set up my job manager to send the right signal.

If I have to send 3 SIGINTs I still need a wrapping shell script, though it would be simpler than one that needs to know the container ID to call docker kill.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@laurazard laurazard

Labels
kind/feature status/0-triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@thaJeztah @adamnovak @laurazard