lxc-stop

Stop a container

$ sudo lxc-stop [container_name]

$ lxc-stop [[-?|--help]]

lxc-stop {-n } [-t ] [-W] [-k] [-r] [-a] [-q] [-P ] [-o ]

-n <name>, --name <name>
    Specifies the name of the container to stop.

-t <timeout>, --timeout <timeout>
    Sets the timeout in seconds for a graceful shutdown before resorting to SIGKILL. Default is 30 seconds.

-W, --wait
    Waits for the container to fully stop before the command exits.

-k, --kill
    Immediately sends a SIGKILL signal to the container, forcing an abrupt termination without graceful shutdown.

-r, --reboot
    Attempts to gracefully reboot the container instead of stopping it.

-a, --all
    Stops all currently running LXC containers on the host.

-q, --quiet
    Suppresses output messages from the command.

-P <path>, --rcfile <path>
    Specifies the LXC configuration file or directory to use.

-o <file>, --logfile <file>
    Writes log messages to the specified file.

The lxc-stop command is used to gracefully or forcefully halt a running Linux Container (LXC). It initiates a shutdown by sending a SIGPWR signal to the container's init process, allowing for a clean termination of services and proper cleanup. If the container fails to stop within a specified or default timeout, lxc-stop escalates to a forceful termination using a SIGKILL signal, ensuring all container processes are immediately ended and its resources are released. This command is crucial for managing the lifecycle of LXC containers, enabling operations such as backup, migration, or removal. It supports stopping a specific container by name or halting all active containers on the host system.

Requires root privileges or appropriate capabilities (e.g., CAP_SYS_ADMIN).
Forceful termination (via -k or timeout) can lead to data corruption if container applications do not handle abrupt exits.
The -r option performs a graceful reboot, not a forceful one.

When invoked, lxc-stop first attempts a clean shutdown by sending a SIGPWR signal to the container's init process. This allows the init system (e.g., systemd, sysvinit) within the container to execute its configured shutdown scripts, ensuring services are terminated gracefully and data is synchronized to disk. If the container does not stop within the default 30-second timeout (or a user-specified timeout), lxc-stop will escalate to sending a SIGKILL signal. This signal immediately terminates all processes running inside the container, forcefully releasing its resources back to the host system.

Executing lxc-stop typically requires root privileges on the host system. This is necessary because the command interacts with system-level resources and processes managed by the kernel that are associated with the container. While unprivileged containers run with mapped UIDs/GIDs, operations like stopping them from the host still demand elevated permissions.

LXC (Linux Containers) emerged as a key technology for lightweight virtualization, bridging the gap between simple chroot environments and full virtual machines. lxc-stop has been a fundamental utility since the early stages of LXC development, providing essential lifecycle management for containers. Its design incorporates both graceful shutdown mechanisms (similar to system poweroff) and forceful termination capabilities, crucial for unresponsive containers. Over time, options like -t for timeout and -W for waiting for completion have been integrated to enhance scripting and control, reflecting the evolving needs of container orchestration.

lxc(7), lxc-start(1), lxc-create(1), lxc-destroy(1), lxc-ls(1), lxc-info(1)