From 522f1479a1e686bc003c05540be86c16e74420f5 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Wed, 24 Jun 2020 11:19:41 +0900
Subject: [PATCH] Make sure failed containers get stopped by systemd

When the main PID (i.e., common) of a container is killed because of
some reasons, systemd won't execute ExecStop command.
Current podman doesn't detect this failure ang recognize that container
is still running and this causes failure when systemd tries to restart
the container.

This patch introduces ExecStopPost configuration into systemd unit
files so that stop operation is executed even when a container fails
because of killed main process. The stale container should be cleaned
up by ExecStopPost task before systemd tries to restart it.

Note that the similar change has been introcuded to "podman generate
systemd" command already[1].
[1] https://github.com/containers/libpod/commit/e5c3432944245a740ed443803c654dcc9c3757f0

Change-Id: Idb8be98f83f95ae536762f79809aa375f04e56ab
Closes-Bug: #1884866
(cherry picked from commit 77b4f665047cde65bca32d62b38d11412e740f3d)
---
 .../roles/tripleo_container_manage/templates/systemd-service.j2  | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tripleo_ansible/roles/tripleo_container_manage/templates/systemd-service.j2 b/tripleo_ansible/roles/tripleo_container_manage/templates/systemd-service.j2
index 6dd3a3a58..52ef92f63 100644
--- a/tripleo_ansible/roles/tripleo_container_manage/templates/systemd-service.j2
+++ b/tripleo_ansible/roles/tripleo_container_manage/templates/systemd-service.j2
@@ -11,6 +11,7 @@ ExecStart=/usr/bin/podman start {{ lookup('dict', container_data_unit).key }}
 {% endif %}
 ExecReload=/usr/bin/podman kill --signal HUP {{ lookup('dict', container_data_unit).key }}
 ExecStop=/usr/bin/podman stop -t {{ lookup('dict', container_data_unit).value.stop_grace_period | default(10) | int }} {{ lookup('dict', container_data_unit).key }}
+ExecStopPost=/usr/bin/podman stop -t {{ lookup('dict', container_data_unit).value.stop_grace_period | default(10) | int }} {{ lookup('dict', container_data_unit).key }}
 KillMode=none
 Type=forking
 PIDFile=/var/run/{{ lookup('dict', container_data_unit).key }}.pid