Clark Boylan 681088951b Perform haproxy HUP signals with kill
Podman on Ubuntu Noble has apparmor config that prevents SIGHUP from
being delivered via `podman kill -s HUP` or `docker compose kill -s
HUP`. Attempting to do so results in:

  kernel: audit: type=1400 audit(1739232042.996:129): apparmor="DENIED" operation="signal" class="signal" profile="containers-default-0.57.4-apparmor1" pid=17067 comm="runc" requested_mask="receive" denied_mask="receive" signal=hup peer="podman"

This appears to be due to issues with the apparmor configuration that
was edited to make other signals work:

  https://bugs.launchpad.net/ubuntu/+source/libpod/+bug/2040483

We work around that by using kill to issue the signal instead which
seems to work based on some manual testing.

Change-Id: I49435fdda662e25c7192faf24e0ae4b527e943b9
2025-02-11 08:04:55 -08:00

3 lines
80 B
YAML

- name: Reload haproxy
include_tasks: roles/haproxy/handlers/hup_haproxy.yaml