Added handling of terminationGracePeriodSeconds to creation of systemd units (#138)

soenkeliebau · web-flow · commit 04016375ede2 · 2021-04-23T16:02:54.000+02:00
Added handling of terminationGracePeriodSeconds to creation of systemd units.
The value for this field from the PodSpec is translated to the systemd config TimeoutStopSec

This will cause the service to be killed by systemd if it does not shutdown within the time in seconds specified by this parameter.
Default value for this parameter is 30 seconds, if terminationGracePeriodSeconds this is not specified in the unit file and this default stays in effect.
diff --git a/src/provider/systemdmanager/systemdunit.rs b/src/provider/systemdmanager/systemdunit.rs
@@ -27,6 +27,10 @@ lazy_static! {
         ].iter().cloned().collect();
 }
 
+/// The default timeout for stopping a service, after this has passed systemd will terminate
+/// the process
+const DEFAULT_TERMINATION_TIMEOUT_SECS: i64 = 30;
+
 /// List of sections in the systemd unit
 ///
 /// The sections are written in the same order as listed here into the unit file.
@@ -190,14 +194,23 @@ impl SystemDUnit {
             sections: Default::default(),
         };
 
-        let restart_policy = match &pod.as_kube_pod().spec {
-            // if no restart policy is present we default to "never"
-            Some(spec) => spec.restart_policy.as_deref().unwrap_or("Never"),
-            None => "Never",
+        // Kubernetes does not allow creating pods without a spec, so if we do not get one here
+        //something is definitely seriously amiss
+        let pod_spec = match &pod.as_kube_pod().spec {
+            Some(spec) => spec,
+            None => {
+                return Err(PodValidationError {
+                    msg: format!("Got pod without spec: [{}]", unit.name),
+                })
+            }
         };
 
-        // if however one is specified but we do not know about this policy then we do not default
-        // to never but fail the service instead to avoid unpredictable behavior
+        // Get restart policy from pod, if none is specified default to "Never"
+        let restart_policy = pod_spec.restart_policy.as_deref().unwrap_or("Never");
+
+        // Lookup the equivalent systemd restart policy for the configured one
+        // If this lookup fails (which means a restart policy was specified which we do not know
+        // about) then we fail the entire service to avoid unpredictable behavior
         let restart_policy = match RESTART_POLICY_MAP.get(restart_policy) {
             Some(policy) => policy,
             None => {
@@ -212,6 +225,29 @@ impl SystemDUnit {
 
         unit.add_property(Section::Service, "Restart", restart_policy);
 
+        // If `terminationGracePeriodSeconds` was specified in the PodSpec set the value as
+        // 'TimeOutStopSec` on the systemd unit
+        // This means that the service will be killed after this period if it does not shutdown
+        // after receiving a stop command
+        // If it was not specified we use the default value for 'terminationGracePeriodSeconds' of
+        // 30 seconds, as this differs from the systemd default for 'TimeOutStopSec` which is 90
+        // seconds.
+        let termination_timeout = match pod_spec.termination_grace_period_seconds {
+            None => DEFAULT_TERMINATION_TIMEOUT_SECS,
+            Some(specified_timeout) => specified_timeout,
+        }
+        .to_string();
+
+        unit.add_property(Section::Service, "TimeoutStopSec", &termination_timeout);
+
+        if let Some(stop_timeout) = pod_spec.termination_grace_period_seconds {
+            unit.add_property(
+                Section::Service,
+                "TimeoutStopSec",
+                stop_timeout.to_string().as_str(),
+            );
+        }
+
         if let Some(user_name) = SystemDUnit::get_user_name_from_pod_security_context(pod)? {
             if !user_mode {
                 unit.add_property(Section::Service, "User", user_name);
@@ -478,6 +514,7 @@ mod test {
         indoc! {"
             [Service]
             Restart=always
+            TimeoutStopSec=30
             User=pod-user"}
     )]
     #[case::with_container_on_system_bus(
@@ -517,6 +554,7 @@ mod test {
             Restart=no
             StandardError=journal
             StandardOutput=journal
+            TimeoutStopSec=30
             User=container-user
 
             [Install]
@@ -550,10 +588,28 @@ mod test {
             Restart=no
             StandardError=journal
             StandardOutput=journal
+            TimeoutStopSec=30
 
             [Install]
             WantedBy=multi-user.target"#}
     )]
+    #[case::set_termination_timeout(
+        BusType::System,
+        indoc! {"
+            apiVersion: v1
+            kind: Pod
+            metadata:
+              name: stackable
+            spec:
+              terminationGracePeriodSeconds: 10
+              containers: []"},
+        "stackable.service",
+        indoc! {"
+            [Service]
+            Restart=no
+            TimeoutStopSec=10"}
+    )]
+
     fn create_unit_from_pod(
         #[case] bus_type: BusType,
         #[case] pod_config: &str,
