podman
An official way to send signals into a container for ExecReload=
Feature request description
Where foo is a Podman Quadlet .container service, I'd like systemctl reload foo to send a SIGHUP to the container's main process.
I'm currently doing this:
[Service]
ExecReload=/usr/bin/podman kill -s SIGHUP --cidfile=%t/%N.cid
I got the --cidfile=%r/%N.cid construct by looking at the ExecStart= directive in the generated foo.service unit. But it feels a bit non-obvious & like I'm relying on an implementation detail of Quadlet. Not one that's likely to change, but it would be nice if there was a more documented/obvious way to be able to send signals into the container.
This would also work:
[Service]
ExecReload=/usr/bin/podman kill -s SIGHUP systemd-%N
... but it relies on the user not also specifying ContainerName=.
Suggest potential solution
Quadlet could introduce its own specifiers that it expands during .container file processing. Something like:
[Container]
ExecReload=/usr/bin/podman kill -s SIGHUP %N
However it would probably be too confusing for Quadlet and systemd to both be doing their own expansion processing on directives with differently defined specifiers.
Have you considered any alternatives?
Document --cidfile=%t/%N.cid in podman-systemd.unit(5) and add it to the test.container example within podman-systemd.unit(5). But this will make it an interface promise, so if you wanted to put Quadlet's cidfiles somewhere else in the future you'd break people's .container units.
Additional context
No response
A friendly reminder that this issue had no activity for 30 days.
+1 need this
@ygalblum @mheon @alexlarsson @cgwalters WDYT?
Should we just do this by default?
I don't think so; SIGHUP isn't really universal.
Then Reload: true
Then
Reload: true
How would that work? Thing is, some daemons (like samba and nginx) support being sent SIGHUP for them to reload their configuration data without stopping and restarting, and others do it differently.
I was thinking it would just add
ExecReload=/usr/bin/podman kill -s SIGHUP --cidfile=%t/%N.cid
@rhatdan unfortunately as @mheon mentioned this is not universal, many daemons do it this way but we'd need something more flexible for those that don't. One might, for example, want to execute a command inside the container instead.
Sure. For the non-default users you can just add the [Service] ExecReload=...
But for the most common case, we can make it easy to discover the --cidfile... option.
@rhatdan maybe so... is that already available? EDIT: whoops so the OP mentioned he already does that so it must be
Sure. For the non-default users you can just add the [Service] ExecReload=...
Hmm podman exec doesn't have a --cidfile= option - but systemd-%N will work as the container name unless the user uses ContainerName=
But for the most common case, we can make it easy to discover the --cidfile... option.
I think just documenting the correct way to do this in the test.container example in the man page would be fine. Anyone searching for reload will find it.
Please open a PR.
How about adding two mutually exclusive options:
ReloadSignal=
ReloadCmd=
ReloadSignal= would generate a podman kill based ExecReload:
ExecReload=/usr/bin/podman kill --cidfile=%t/%N.cid --signal ${signal}
while ReloadCmd= would generate a podman exec based ExecReload:
ExecReload=/usr/bin/podman exec --cidfile=%t/%N.cid ${cmd}
An example for an application that could use ReloadCmd would be Caddy.
This would require adding support for --cidfile to podman exec (#21256).
I believe these options would cover most container workloads.
Seems reasonable.
FYI: --cidfile support for exec has been merged: #25512
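The ReloadSignal=/ReloadCmd= proposal from the thread as an added Go example (not Quadlet's code and not posted by any participant): it maps the two mutually exclusive keys to one ExecReload= line and rejects values that would add extra arguments or lines to the generated unit. The helper reloadLine and its validation rules are assumptions, the caddy command and the other inputs are constructed samples, and the exec form relies on the --cidfile support for podman exec mentioned in the last comment.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// signalRe accepts names such as SIGHUP, HUP or SIGRTMIN+1, or a bare number.
// Spaces are not allowed, so a value cannot carry extra podman flags.
var signalRe = regexp.MustCompile(`^(SIG)?[A-Z][A-Z0-9+-]*$|^[0-9]+$`)

// reloadLine turns the two proposed [Container] keys into one ExecReload=
// line. Hypothetical helper: the key names come from the thread; the
// function and its validation rules are assumptions of this example.
func reloadLine(reloadSignal, reloadCmd string) (string, error) {
	const podman = "/usr/bin/podman"
	const cid = "--cidfile=%t/%N.cid" // path seen in the generated ExecStart=
	switch {
	case reloadSignal != "" && reloadCmd != "":
		return "", errors.New("ReloadSignal= and ReloadCmd= are mutually exclusive")
	case reloadSignal != "":
		if !signalRe.MatchString(reloadSignal) {
			return "", fmt.Errorf("invalid ReloadSignal=%q", reloadSignal)
		}
		return fmt.Sprintf("ExecReload=%s kill %s --signal %s", podman, cid, reloadSignal), nil
	case reloadCmd != "":
		if strings.ContainsAny(reloadCmd, "\r\n") {
			return "", errors.New("ReloadCmd= must be a single line")
		}
		return fmt.Sprintf("ExecReload=%s exec %s %s", podman, cid, strings.TrimSpace(reloadCmd)), nil
	}
	return "", nil // neither key set: emit no ExecReload=
}

func main() {
	// Constructed sample inputs: {ReloadSignal, ReloadCmd}.
	samples := [][2]string{
		{"SIGHUP", ""},
		{"", "caddy reload --config /etc/caddy/Caddyfile"},
		{"HUP", "true"},   // both keys set: rejected
		{"HUP --all", ""}, // extra flag smuggled into the signal: rejected
	}
	for _, s := range samples {
		line, err := reloadLine(s[0], s[1])
		fmt.Printf("%q %q -> %q (err: %v)\n", s[0], s[1], line, err)
	}
}
```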