Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[release-1.21] oci: fix issues with exec #5002

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
openshift-merge-robot merged 2 commits into from
Jun 16, 2021
+12 −8
Merged

[release-1.21] oci: fix issues with exec #5002

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c7c6aba
oci: don't pre-create pid file
haircommander Jun 15, 2021
5f7db4b
oci: kill runtime process on exec if exec pid isn't written yet
haircommander Jun 15, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 12 additions & 8 deletions internal/oci/runtime_oci.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -328,11 +328,13 @@ func (r *runtimeOCI) ExecSyncContainer(ctx context.Context, c *Container, comman
}
defer os.RemoveAll(processFile)

pidFile, err := createPidFile()
pidDir, err := ioutil.TempDir("", "pidfile")
if err != nil {
return nil, err
}
defer os.RemoveAll(pidFile)
defer os.RemoveAll(pidDir)

pidFile := filepath.Join(pidDir, c.id)

cmd := r.constructExecCommand(ctx, c, processFile, pidFile)
cmd.SysProcAttr = sysProcAttrPlatform()
Expand All @@ -356,7 +358,7 @@ func (r *runtimeOCI) ExecSyncContainer(ctx context.Context, c *Container, comman
select {
case <-time.After(time.Second * time.Duration(timeout)):
// Ensure the process is not left behind
killContainerExecProcess(ctx, pidFile)
killContainerExecProcess(ctx, pidFile, cmd)

// Make sure the runtime process has been cleaned up
<-done
Expand Down Expand Up @@ -414,13 +416,15 @@ func createPidFile() (string, error) {
return pidFileName, nil
}

func killContainerExecProcess(ctx context.Context, pidFile string) {
func killContainerExecProcess(ctx context.Context, pidFile string, cmd *exec.Cmd) {
// Attempt to get the container PID and PGID from the file the runtime should have written.
// TODO(haircommander): There does exist a race that we could time out before the runtime actually creates the file.
// Should we do inotify on this file to ensure it exists? Is that overkill?
ctrPid, ctrPgid, err := pidAndpgidFromFile(pidFile)
if err != nil {
log.Errorf(ctx, "Failed to get pid (%d) or pgid (%d) from file %s: %v", ctrPid, ctrPgid, pidFile, err)
if err != nil && ctrPid <= 0 {
// only kill the runtime process if we failed to find a ctrPid
// as this means the runtime exec hasn't successfully written the pid file
if killErr := cmd.Process.Kill(); killErr != nil {
log.Errorf(ctx, "Error killing runtime exec process(%v) after error finding runtime pid: (%v)", killErr, err)
}
}

if ctrPgid > 1 {
Expand Down