


Why does docker kill sometimes fail to kill running containers?
How docker kill terminates the container's main process
1. The Docker engine sends SIGKILL to the container's main process through containerd. If the engine receives the container exit message from containerd within a waiting period, the docker kill has succeeded.
2. If the wait in the previous step times out, the Docker engine bypasses containerd and sends SIGKILL to the container's main process directly through the kill system call. If the kill system call reports that the main process no longer exists, docker kill is considered successful. Otherwise, the engine keeps waiting until containerd notifies it that the container has exited.
When the problem occurs, a large number of stress processes (which are in fact container processes) are found in the D state on the host machine, and the system responds slowly. The problem can be explained as follows:
1. docker kill first sends SIGKILL to the container's main process indirectly through containerd. Because the system is responding slowly and the container's child processes (stress) are in the D state, containerd does not report the container exit within the timeout period, so docker kill reaches the stage of sending SIGKILL directly.
2. By this stage the container's main process has already exited, so the kill system call that sends SIGKILL quickly returns that the process does not exist. The engine concludes that it has killed the container, and docker kill returns successfully.
3. After a certain period of time, the container's child processes recover from the D state and exit, containerd reports the container exit, and the engine cleans up resources. At this point, docker ps shows the container in the exited state.
Container main/child process in the D state
The D state indicates that a process is in uninterruptible sleep, usually waiting for I/O. When there is a problem with system I/O, a large number of processes can end up in the D state. In this state a signal cannot wake the process; one can only wait for the process to return from the D state. On a conventional kernel, if a process stays in the D state, there is in theory no way to bring it back other than restarting the system.
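The following Python is an added example, not code from the original article: it groups processes in the D state by Docker container using /proc/<pid>/stat and /proc/<pid>/cgroup, which identifies containers whose child processes are still stuck after docker kill has returned. The cgroup path patterns are an assumption about Docker's usual layouts, and the sample data is constructed.

```python
import os
import re

# Assumption: Docker's usual cgroup layouts, /docker/<id> (cgroupfs driver)
# and docker-<id>.scope (systemd driver); IDs are 64 hex characters.
CONTAINER_ID = re.compile(r"(?:/docker/|docker-)([0-9a-f]{64})")

def parse_stat(stat_text):
    """Return (pid, comm, state) from the text of /proc/<pid>/stat."""
    # comm is parenthesised and may contain spaces or ')' itself, so cut at
    # the first '(' and the last ')' instead of splitting on whitespace.
    lparen, rparen = stat_text.index("("), stat_text.rindex(")")
    state = stat_text[rparen + 1:].split()[0]
    return int(stat_text[:lparen]), stat_text[lparen + 1:rparen], state

def d_state_by_container(procs):
    """Map container ID -> [(pid, comm)] for processes in state D."""
    stuck = {}
    for stat_text, cgroup_text in procs:
        pid, comm, state = parse_stat(stat_text)
        match = CONTAINER_ID.search(cgroup_text)
        if state == "D" and match:
            stuck.setdefault(match.group(1), []).append((pid, comm))
    return stuck

def read_proc(root="/proc"):
    """Yield (stat, cgroup) text per process, skipping ones that vanish."""
    for pid in filter(str.isdigit, os.listdir(root)):
        try:
            with open(f"{root}/{pid}/stat") as s, open(f"{root}/{pid}/cgroup") as c:
                yield s.read(), c.read()
        except OSError:
            continue

# Constructed sample (not captured from a real host): two stuck stress workers
# in one container, a healthy container process, and a kernel thread.
CID_A, CID_B = "a1" * 32, "b2" * 32
SAMPLE = [
    ("4321 (stress) D 4300 4300 4300 0", f"0::/system.slice/docker-{CID_A}.scope\n"),
    ("4322 (stress) D 4300 4300 4300 0", f"11:memory:/docker/{CID_A}\n"),
    ("4400 (nginx: worker) S 4390 4390 4390 0", f"0::/docker/{CID_B}\n"),
    ("9 (kworker/0:1) D 2 0 0 0", "0::/\n"),
]

if __name__ == "__main__":
    for cid, procs in d_state_by_container(read_proc()).items():
        print(cid[:12], procs)
```

Run on the host, it prints the short ID of each affected container with its stuck PIDs, which can be compared against what docker ps reports.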