(我手头没有 Docker 环境可供尝试。只是猜测。)
对于你的情况,docker run
必须正在运行busybox/sh
or bash
as PID 1.
根据 Docker 的说法doc https://docs.docker.com/engine/reference/run/#foreground:
注意:进程运行为PID 1Linux 会对容器内部进行特殊处理:它会忽略具有默认操作的任何信号。因此,该过程不会终止SIGINT
or SIGTERM
除非它被编码为这样做。
对于之间的差异繁忙的盒子/sh and bash关于SIGHUP
---
在我的系统(Debian 9.6,x86_64)上,信号掩码为busybox/sh
and bash
如下面所述:
忙碌盒/sh:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 82817 0.0 0.0 6952 1904 pts/2 S+ 10:23 0:00 busybox sh
PENDING (0000000000000000):
BLOCKED (0000000000000000):
IGNORED (0000000000284004):
3 QUIT
15 TERM
20 TSTP
22 TTOU
CAUGHT (0000000008000002):
2 INT
28 WINCH
bash:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 4871 0.0 0.1 21752 6176 pts/16 Ss 2019 0:00 /usr/local/bin/bash
PENDING (0000000000000000):
BLOCKED (0000000000000000):
IGNORED (0000000000380004):
3 QUIT
20 TSTP
21 TTIN
22 TTOU
CAUGHT (000000004b817efb):
1 HUP
2 INT
4 ILL
5 TRAP
6 ABRT
7 BUS
8 FPE
10 USR1
11 SEGV
12 USR2
13 PIPE
14 ALRM
15 TERM
17 CHLD
24 XCPU
25 XFSZ
26 VTALRM
28 WINCH
31 SYS
正如我们所看到的繁忙的盒子/sh不处理SIGHUP
所以信号被忽略。Bash捕获物SIGHUP
so docker kill
可以将信号传递给 Bash,然后 Bash 将被终止,因为根据其manual http://man7.org/linux/man-pages/man1/bash.1.html, “shell 在收到命令后默认退出SIGHUP
".
更新 2020-03-07 #1:
快速测试了一下,我之前的分析基本是正确的。您可以这样验证:
[STEP 104] # docker run -dt debian busybox sh -c \
'trap exit HUP; while true; do sleep 1; done'
331380090c59018dae4dbc17dd5af9d355260057fdbd2f2ce9fc6548a39df1db
[STEP 105] # docker ps
CONTAINER ID IMAGE COMMAND CREATED
331380090c59 debian "busybox sh -c 'trap…" 11 seconds ago
[STEP 106] # docker kill -s HUP 331380090c59
331380090c59
[STEP 107] # docker ps
CONTAINER ID IMAGE COMMAND CREATED
[STEP 108] #
正如我之前展示的,默认情况下busybox/sh
没有抓住SIGHUP
所以该信号将被忽略。但是之后busybox/sh
显式陷阱SIGHUP
,信号将被传递给它。
我也尝试过SIGKILL
是的,它总是会终止正在运行的容器。这是合理的,因为SIGKILL
不能被任何进程捕获,因此信号将始终传递到容器并杀死它。
2020 年 3 月 7 日更新#2:
您还可以通过这种方式验证它(更简单):
[STEP 110] # docker run -ti alpine
/ # ps
PID USER TIME COMMAND
1 root 0:00 /bin/sh
7 root 0:00 ps
/ # kill -HUP 1 <-- this does not kill it because linux ignored the signal
/ #
/ # trap 'echo received SIGHUP' HUP
/ # kill -HUP 1
received SIGHUP <-- this indicates it can receive SIGHUP now
/ #
/ # trap exit HUP
/ # kill -HUP 1 <-- this terminates it because the action changed to `exit`
[STEP 111] #