Thanks to visit codestin.com
Credit goes to github.com

Skip to content

runtime delete exec'd without --systemd-cgroup when using systemd cgroup manager #5818

New issue
New issue
Closed
Closed
runtime delete exec'd without --systemd-cgroup when using systemd cgroup manager#5818
Labels
kind/bugCategorizes issue or PR as related to a bug.lifecycle/staleDenotes an issue or PR has remained open with no activity and has become stale.
@lbogdan

Description

@lbogdan
lbogdan
opened on Apr 25, 2022

What happened?

While deep down the rabbit hole investigating #5490 and troubleshooting the interactions between kubelet, cri-o and runc, I stumbled upon something I consider a bug, although not seeming to have visible consequences.

In DeleteContainer() we exec the runtime (runc in my case) with runc --root $RUNTIME_ROOT delete --force $CONTAINER_ID:

cri-o/internal/oci/runtime_oci.go

Line 783 in a68a720

_, err := utils.ExecCmd(r.path, rootFlag, r.root, "delete", "--force", c.ID())

but runc actually doesn't know about the cgroup manager the container was started with, and it defaults to cgroupfs:

https://github.com/opencontainers/runc/blob/f46b6ba2c9314cfc8caae24a32ec5fe9ef1059fe/utils_linux.go#L38-L56

so when crio is configured to use systemd, there's a mismatch between the runtime arguments to create and delete a container.

Nitpick (for "CRI-O and Kubernetes version" section below): it's kubectl version, not kubectl --version.

What did you expect to happen?

When crio is configured to use the systemd cgroup manager it execs the runtime delete container command with --systemd-cgroup.

How can we reproduce it (as minimally and precisely as possible)?

This happens with a regular cri-o installation.

Anything else we need to know?

No response

CRI-O and Kubernetes version

Details 
$ crio --version
crio version 1.23.2
Version:          1.23.2
GitCommit:        c0b2474b80fd0844b883729bda88961bed7b472b
GitTreeState:     clean
BuildDate:        2022-04-14T15:24:43Z
GoVersion:        go1.17.5
Compiler:         gc
Platform:         linux/amd64
Linkmode:         dynamic
BuildTags:        apparmor, exclude_graphdriver_devicemapper, containers_image_ostree_stub, seccomp
SeccompEnabled:   true
AppArmorEnabled:  false
$ kubectl version
Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.5", GitCommit:"c285e781331a3785a7f436042c65c5641ce8a9e9", GitTreeState:"clean", BuildDate:"2022-03-16T15:58:47Z", GoVersion:"go1.17.8", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.5", GitCommit:"c285e781331a3785a7f436042c65c5641ce8a9e9", GitTreeState:"clean", BuildDate:"2022-03-16T15:52:18Z", GoVersion:"go1.17.8", Compiler:"gc", Platform:"linux/amd64"}

OS version

Details 
# On Linux:
$ cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.4 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.4 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
$ uname -a
Linux node-0 5.4.0-107-generic #121-Ubuntu SMP Thu Mar 24 16:04:27 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

Additional environment details (AWS, VirtualBox, physical, etc.)

Details N/A

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.lifecycle/staleDenotes an issue or PR has remained open with no activity and has become stale.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions