Fix podman leaking conmon processes
When running in the background without a full-blown init system, `podman system service` will leak `conmon` processes for every gitlab-runner job that executes via the docker socket API. These `conmon` processes almost immediately becomes zombies, and are never cleaned up. Eventually the zombies will consume all available PIDs. Many attempts to fix this in various ways have all failed. In all cases the GitLab Runner process will start behaving strangely (or fail completely) after an amount of time dependent on its usage executing jobs. Fix this by entirely reimplementing *pipglr* to utilize systemd and a pair of lingering user-slices. One for podman, another for the gitlab runner. Include a systemd timer service to affect runner cleanup, periodically. Also update documentation and examples accordingly. Signed-off-by: Chris Evich <chris_gitlab@icuc.me>
This commit is contained in:
Chris Evich
18
podman.service
Normal file
18
podman.service
Normal file
@@ -0,0 +1,18 @@
|
||||
[Unit]
|
||||
Description=Podman API Service
|
||||
Requires=podman.socket
|
||||
After=podman.socket
|
||||
Documentation=man:podman-system-service(1)
|
||||
StartLimitIntervalSec=0
|
||||
|
||||
[Service]
|
||||
Delegate=true
|
||||
Type=exec
|
||||
KillMode=process
|
||||
Environment=LOGGING="--log-level=warn"
|
||||
ExecStart=/usr/bin/podman $LOGGING system service
|
||||
StandardOutput=journal+console
|
||||
StandardError=inherit
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
Reference in New Issue
Block a user