Termination driver helper process is not reliable #21092
Description
Drivers running a helper process (qemu, vfkit, krunkit) terminate the helper process using an API. qemu uses qmp protocol, and vfkit and krunkit use HTTP protocol to submit a Stop request. All them share the same issue - the stop request can be ignored by the guest, either due to incorrect kernel configuration (#21089) or to issues in the guest. In this case the helper process will continue running minikube stop will timeout.
How graceful termination should work
- User run
minikube stop - Driver.Stop() is called
- Driver use the API to perform graceful shutdown
- Minikube monitor driver status
- After a driver configurable timeout, minikube invokes Driver.Kill()
- Minikube invokes Driver.Wait() to reap the terminate processes
Graceful shutdown with multiple nodes
When stopping multiple nodes, we don't want to preform all the steps for all nodes since it is much slower. For example if we define a 60 seconds graceful timeout, stopping cluster with 3 nodes will take 3 minutes.
- User run
minikube stop - For every node, Minikube calls Driver.Stop()
- For every node, Minikube monitors driver status
- After a driver configurable timeout, minikube invokes Driver.Kill() for all nodes
- For every node, minikube calls Driver.Wait()
The same flow should be used for any helper process.