Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add hint about Perl5 as PID 1 in the docs #44

Open
zakame opened this issue Sep 5, 2017 · 8 comments
Open

Add hint about Perl5 as PID 1 in the docs #44

zakame opened this issue Sep 5, 2017 · 8 comments
Assignees
@zakame

Comments

@zakame
Copy link
Member

zakame commented Sep 5, 2017

Thanks @diocles for the blog post.

I should probably add a hint for it in https://github.com/docker-library/docs/blob/master/perl/content.md for everyone's future reference, namely to run the container on Docker >= 1.13 with --init flag if they need it (or using dumb-init on older Docker versions.)
@zakame zakame self-assigned this Sep 5, 2017
@tianon
Copy link
Contributor

tianon commented Sep 5, 2017

Just to add, tini (https://github.com/krallin/tini) is the implementation behind --init (docker-init on your local system which gets bind-mounted to /dev/init in the container when using --init is a compiled copy of tini), and has a larger number of official release binary architectures than dumb-init does: https://github.com/krallin/tini/releases/tag/v0.16.1

@mohawk2
Copy link

mohawk2 commented Dec 12, 2017

I believe this is only an issue when using CMD in one's image in shell form, not JSON form (since it's the Bash that has the problem, and JSON form doesn't use it).

@mephinet
Copy link

mohawk2: no, this is also the case when running without bash, because perl itself doesn't handle signals the way it should when running as PID1 - see the OPs blog post link.

While --init is a solution for users of pure docker, it does not help users of orchestrations like kubernetes, as there is no possibility at present to achieve something comparable to --init.
Therefore, I propose to add tini or dumb-init to the Perl docker image, and specify it as ENTRYPOINT. This saves all users of the signal handling and process reaping issues. This can be achieved by adding these two lines to all Dockerfiles:

RUN apt-get update && apt-get install -y dumb-init && apt-get clean && rm -rf /var/lib/apt/lists/*
ENTRYPOINT ["dumb-init"]

After this change, the example $ docker run myperl:5 perl -E 'sleep 300' can be Ctrl-C'ed.

@zakame
Copy link
Member Author

zakame commented Aug 2, 2019

Having run into this issue again from a different way (CircleCI testing) I'm now inclined to add @mephinet's suggestion by default. It should not affect the current CMD setting we have and should be least the astonishing to users expecting signal handling in Perl to Just Work™.

Installing the dumb-init package seems the best option as that is present on both Stretch and Buster, but later we can probably move to tini.

@zakame
Copy link
Member Author

zakame commented Aug 3, 2019

Forgot to consider Jessie for the older perls (which does not have both dumb-init or tini packages) so building from source seems the next best option; tini would be preferable in that case. We can also get tini straight off of GitHub releases but since it is small enough (with no other dependency than libc and cmake,) I think we can afford spending a bit more time building it right after the perl build.

@zakame zakame mentioned this issue Aug 5, 2019
Open
zakame added a commit to zakame/docker-library-docs that referenced this issue Aug 10, 2019
@zakame
perl: Document PID 1 signal handling behavior
5fdc26c 
Describe how Perl behaves when being run as PID 1 under containers,
particularly on receiving SIGTERM/SIGINT, showing example for explicit
signal handling.

Ref Perl/docker-perl#44
@zakame zakame mentioned this issue Aug 10, 2019
Merged
@zakame
Copy link
Member Author

zakame commented Aug 10, 2019

Erring on the side of caution for now and document the current PID 1 behavior first; while my testing of using tini as default ENTRYPOINT seems to yield no issues across different Perl versions and architectures, it might be better to hold that back for a while until more people are aware and ask about it becoming the default.

@mohawk2
Copy link

mohawk2 commented Aug 10, 2019

Is there a channel to loudly announce the intention? This is a change intended to reduce surprise, rather than to add features.

@zakame
Copy link
Member Author

zakame commented Aug 10, 2019

I became first aware of this issue through a blog, so maybe I can just make a post of my own on blogs.perl.org for this. Might also bring it up further to p5p...

zakame added a commit to zakame/docker-library-docs that referenced this issue Aug 15, 2019
@zakame
perl: Document PID 1 signal handling behavior
dc3cd78 
Describe how Perl behaves when being run as PID 1 under containers,
particularly on receiving SIGTERM/SIGINT, showing example for explicit
signal handling.

Ref Perl/docker-perl#44
zakame added a commit to zakame/docker-library-docs that referenced this issue Aug 16, 2019
@zakame
perl: Document PID 1 signal handling behavior
82f25e8 
Describe how Perl behaves when being run as PID 1 under containers,
particularly on receiving SIGTERM/SIGINT, showing example for explicit
signal handling.

Ref Perl/docker-perl#44
@zakame zakame mentioned this issue Feb 3, 2020
Closed
zakame added a commit to zakame/binary-com-docker-perl that referenced this issue Jul 28, 2020
@zakame
Dockerfile: invoke dumb-init on cpanm ONBUILD for signals handling
6768804 
This is important for cross-compile builds (e.g. amd64 to arm64) as
cpanm/perl won't handle signals without defining them in the code, cf
Perl/docker-perl#44.  Without this,
cross-compiles will appear to stall.
tom-binary added a commit to binary-com/docker-perl that referenced this issue Aug 23, 2020
@tom-binary @zakame
docker/perl_dzil (#3)
10c8e8e 
* Add dzil recipe

This also serves as a very simple example of using our base perl image.

* Dockerfile: a couple more fixes

- Check aptfile for readability, not size, so it can be skipped if the
 file doesn't exist.

- Do not auto-remove removable packages; removing them doesn't affect
  the overall image size anyway, and some packages (like runtime libraries
  auto-installed by their -dev counterparts) can be inadventently
  removed and break CPAN modules.

* .github/workflows/test.yaml: Test dzil image as well

This probably needs its own workflow later, but for now just do a quick
build and check using the dzil image.

* Dockerfile: invoke dumb-init on cpanm ONBUILD for signals handling

This is important for cross-compile builds (e.g. amd64 to arm64) as
cpanm/perl won't handle signals without defining them in the code, cf
Perl/docker-perl#44.  Without this,
cross-compiles will appear to stall.

* Move apt/cpan setup to script so we can call in sub-images too

* dzil build should pull in authordeps and apply Pod::Inherit patch for the DERIV author bundle

* Include Pod::Inherit @inc patch

* Include CircleCI config as well

* Update CircleCI docker orb

* Latest orb does not have artifacts path for hadolint

* List of dockerfiles now colon-separated

* Switch to orb versions of build+publish

* Clean up CircleCI config - no point running hadolint everywhere

* Apply hadolint recommendations

* Filter out some more hadolint checks

* Try to set WORKDIR

* Attempt to make job steps sequential

* Apply `perl` context

* CircleCI orb has several bugs, so the current version is not usable

* Report $DOCKER_LOGIN to test context-is-broken hypothesis

Co-authored-by: Zak B. Elep <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zakame zakame

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@zakame @tianon @mephinet @mohawk2