diff options
author | Nicolas Lacasse <nlacasse@google.com> | 2018-09-19 18:52:53 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-09-19 18:54:14 -0700 |
commit | 915d76aa924c08b1fcb80a58e3caa24529a23d04 (patch) | |
tree | 7b43890499455af77c2d8fa279bf15838e69e643 /runsc/container/container.go | |
parent | b873e388f36ee7251059d54a963c27a55be50ab5 (diff) |
Add container.Destroy urpc method.
This method will:
1. Stop the container process if it is still running.
2. Unmount all sanadbox-internal mounts for the container.
3. Delete the contaner root directory inside the sandbox.
Destroy is idempotent, and safe to call concurrantly.
This fixes a bug where after stopping a container, we cannot unmount the
container root directory on the host. This bug occured because the sandbox
dirent cache was holding a dirent with a host fd corresponding to a file inside
the container root on the host. The dirent cache did not know that the
container had exited, and kept the FD open, preventing us from unmounting on
the host.
Now that we unmount (and flush) all container mounts inside the sandbox, any
host FDs donated by the gofer will be closed, and we can unmount the container
root on the host.
PiperOrigin-RevId: 213737693
Change-Id: I28c0ff4cd19a08014cdd72fec5154497e92aacc9
Diffstat (limited to 'runsc/container/container.go')
-rw-r--r-- | runsc/container/container.go | 13 |
1 files changed, 3 insertions, 10 deletions
diff --git a/runsc/container/container.go b/runsc/container/container.go index 3be88066c..a2582611a 100644 --- a/runsc/container/container.go +++ b/runsc/container/container.go @@ -544,16 +544,9 @@ func (c *Container) save() error { // to stop. If any of them doesn't stop before timeout, an error is returned. func (c *Container) stop() error { if c.Sandbox != nil && c.Sandbox.IsRunning() { - log.Debugf("Killing container %q", c.ID) - if c.Sandbox.IsRootContainer(c.ID) { - if err := c.Sandbox.Destroy(); err != nil { - return fmt.Errorf("error destroying sandbox %q: %v", c.Sandbox.ID, err) - } - } else { - if err := c.Signal(syscall.SIGKILL); err != nil { - // The container may already be stopped, log the error. - log.Warningf("Error sending signal %d to container %q: %v", syscall.SIGKILL, c.ID, err) - } + log.Debugf("Destroying container %q", c.ID) + if err := c.Sandbox.DestroyContainer(c.ID); err != nil { + return fmt.Errorf("error destroying container %q: %v", c.ID, err) } } |