container pid 1

•  容器是如何退出的？
• init process exit normally
• docker stop   
  • 发送SIGTERM给pid 1，超时后发送SIGKILL信号给pid1，强制退出
• docker kill　　
  • 发送SIGKILL信号给pid1，强制退出
• 发送信号（init process 显示接收的），走内部逻辑，正常退出
• 注意事项
  • pid namespace中 pid1进程死掉后，kernel会杀死所有剩余进程
  • 在pid namespace内无法kill pid 1，只能从host上面杀

    If your init process is your app, then it'll probably only shut down itself, not all the other processes in the container. The kernel will then forcefully kill those other processes, not giving them a chance to gracefully shut down, potentially resulting in file corruption, stale temporary files, etc. You really want to shut down all your processes gracefully.
    CLONE_NEWPID (since Linux 2.6.24)
    The first process created in a new namespace (i.e., the process created using the CLONE_NEWPID flag) has the PID 1, and is the "init" process for the namespace. Children that are orphaned within the namespace will be reparented to this process rather than init(8). Unlike the traditional init process, the "init" process of a PID namespace can terminate

• init process 该具有什么样的本领
  • 接管孤儿进程(containerd-shim已经接管)
  • 转发信号