[英]Why does trying to kill a process in Docker container take me out of it?
I have a v6.10.0 Node server on my macOS that is automatically started from the CMD
in the Dockerfile
. 我的macOS上有一个v6.10.0节点服务器,它是从Dockerfile
的CMD
自动启动的。 Normally in my local development un-containerized environment I will use CTRL+C to kill the server. 通常,在我的本地开发无容器环境中,我将使用CTRL + C杀死服务器。 Not being able to (or not knowing how to) do this in the container, I resort to ps aux | grep node
ps aux | grep node
无法(或不知道如何)在容器中执行此操作 ps aux | grep node
to try to manually kill the processes. ps aux | grep node
尝试手动终止进程。 So, I get something like this: 所以,我得到这样的东西:
myapp [master] :> kubectl exec -it web-3127363242-xb50k bash
root@web-3127363242-xb50k:/usr/src/app# ps aux | grep node
root 15 0.4 0.9 883000 35804 ? Sl 05:49 0:00 node /usr/src/app/node_modules/.bin/concurrent --kill-others npm run start-prod npm run start-prod-api
root 43 0.1 0.6 743636 25240 ? Sl 05:49 0:00 node /usr/src/app/node_modules/.bin/better-npm-run start-prod
root 44 0.1 0.6 743636 25140 ? Sl 05:49 0:00 node /usr/src/app/node_modules/.bin/better-npm-run start-prod-api
root 55 0.0 0.0 4356 740 ? S 05:49 0:00 sh -c node ./bin/server.js
root 56 0.0 0.0 4356 820 ? S 05:49 0:00 sh -c node ./bin/api.js
root 57 18.6 4.9 1018088 189416 ? Sl 05:49 0:08 node ./bin/server.js
root 58 13.9 5.2 1343296 197576 ? Sl 05:49 0:06 node ./bin/api.js
root 77 0.0 0.0 11128 1024 ? S+ 05:50 0:00 grep node
When I try to kill one of them by 当我试图杀死其中一个
kill -9 15
I am taken out of my container's shell and back to my computer's shell. 我从容器的外壳中取出,回到计算机的外壳中。 When I enter the container again, I see that the process is still there with the same process id. 当我再次进入该容器时,我看到该进程仍然在那里,并且具有相同的进程ID。 This example uses a Kubernetes pod but I believe I have the same result with entering a Docker container using the docker exec
command. 这个示例使用Kubernetes容器,但我相信使用docker docker exec
命令输入Docker容器的结果相同。
Every docker container has an ENTRYPOINT that will either be set in the dockerfile , using ENTRYPOINT
or CMD
declarations, or specified in the run command docker run myimage:tag "entrypoint_command"
. 每个docker容器都有一个ENTRYPOINT ,可以使用ENTRYPOINT
或CMD
声明在dockerfile中设置,或者在运行命令docker run myimage:tag "entrypoint_command"
。 When the ENTRYPOINT process is killed, I think the container gets killed as well. 当ENTRYPOINT进程被杀死时,我认为容器也被杀死了。 The docker exec
, as I understand it, is kind of like "attaching" command to a container. 据我了解, docker exec
有点像“附加”命令到容器。 But if the ENTRYPOINT is down there is no container to attach to. 但是,如果ENTRYPOINT向下,则没有容器可连接。
Kubernetes will restart a container after failure as far as I understand it. 据我所知,Kubernetes将在发生故障后重启容器。 Which might be the reason you see the process is back up. 这可能是您看到备份过程的原因。 I haven't really worked with Kubernetes but I'd try and play around with the way that the replications are scaled to terminate your process. 我还没有真正使用Kubernetes,但是我会尝试使用扩展复制来终止您的进程的方式。
Containers isolate your desired app as pid 1 inside the namespace. 容器将您所需的应用隔离为命名空间内的pid 1。 The desired app being your entrypoint or cmd if you don't have an entrypoint defined. 所需的应用程序是您的入口点或cmd(如果您没有定义入口点)。 If killing a process results in pid 1 exiting, the container will immediately stop (similar to killing pid 1 on a linux host) along with killing all of the other pids. 如果杀死进程导致pid 1退出,则容器将立即停止(类似于杀死linux主机上的pid 1),同时杀死所有其他pid。 If this container has a restart policy, it will be restarted and the processes will get the same pids as last time it ran (all else being equal which it often is inside of a container). 如果此容器具有重新启动策略,则它将重新启动,并且进程将获得与上次运行时相同的pid(其他条件均相同,并且通常位于容器内部)。
To keep the container from stopping, you'll need to adjust your entrypoint to remain up even with the child process being killed. 为了防止容器停止运行,即使子进程被终止,您也需要调整入口点以保持运行状态。 That side, having the container exit is typically a preferred behavior to handle unexpected errors by getting back to a clean state. 从这一方面来说,使容器退出通常是通过返回到干净状态来处理意外错误的首选行为。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.