Merge pull request #1468 from fuweid/me-change-rollback

RunPodSandbox: destroy network if fails or invalid
Mike Brown 2020-05-01 18:09:07 -05:00 committed by GitHub
commit 65830369b6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -123,12 +123,18 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
sandbox.NetNSPath = sandbox.NetNS.GetPath() sandbox.NetNSPath = sandbox.NetNS.GetPath()
defer func() { defer func() {
if retErr != nil { if retErr != nil {
// Teardown network if an error is returned.
if err := c.teardownPodNetwork(ctx, sandbox); err != nil {
log.G(ctx).WithError(err).Errorf("Failed to destroy network for sandbox %q", id)
}
if err := sandbox.NetNS.Remove(); err != nil { if err := sandbox.NetNS.Remove(); err != nil {
log.G(ctx).WithError(err).Errorf("Failed to remove network namespace %s for sandbox %q", sandbox.NetNSPath, id) log.G(ctx).WithError(err).Errorf("Failed to remove network namespace %s for sandbox %q", sandbox.NetNSPath, id)
} }
sandbox.NetNSPath = "" sandbox.NetNSPath = ""
} }
}() }()
// Setup network for sandbox. // Setup network for sandbox.
// Certain VM based solutions like clear containers (Issue containerd/cri-containerd#524) // Certain VM based solutions like clear containers (Issue containerd/cri-containerd#524)
// rely on the assumption that CRI shim will not be querying the network namespace to check the // rely on the assumption that CRI shim will not be querying the network namespace to check the
@ -140,14 +146,6 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
if err := c.setupPodNetwork(ctx, &sandbox); err != nil { if err := c.setupPodNetwork(ctx, &sandbox); err != nil {
return nil, errors.Wrapf(err, "failed to setup network for sandbox %q", id) return nil, errors.Wrapf(err, "failed to setup network for sandbox %q", id)
} }
defer func() {
if retErr != nil {
// Teardown network if an error is returned.
if err := c.teardownPodNetwork(ctx, sandbox); err != nil {
log.G(ctx).WithError(err).Errorf("Failed to destroy network for sandbox %q", id)
}
}
}()
} }
// Create sandbox container. // Create sandbox container.
@ -328,10 +326,6 @@ func (c *criService) setupPodNetwork(ctx context.Context, sandbox *sandboxstore.
sandbox.CNIResult = result sandbox.CNIResult = result
return nil return nil
} }
// If it comes here then the result was invalid so destroy the pod network and return error
if err := c.teardownPodNetwork(ctx, *sandbox); err != nil {
log.G(ctx).WithError(err).Errorf("Failed to destroy network for sandbox %q", id)
}
return errors.Errorf("failed to find network info for sandbox %q", id) return errors.Errorf("failed to find network info for sandbox %q", id)
} }
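Review bot: The deferred cleanup added to RunPodSandbox in the first hunk calls `c.teardownPodNetwork(ctx, sandbox)` with the request's own `ctx`, so when `retErr` comes from a cancelled or timed-out request the teardown will presumably fail immediately and leave the CNI resources (interfaces, IPAM allocations) behind. That failure is only logged and `sandbox.NetNS.Remove()` runs regardless, after which there is no namespace left to retry the teardown against; repeated failing sandbox creations could then drain the pod address pool. Consider running the cleanup under its own bounded context, e.g. `deferCtx, cancel := context.WithTimeout(context.Background(), cleanupTimeout)` (`cleanupTimeout` is a placeholder) with `defer cancel()`, and passing `deferCtx` to the teardown. Because the defer is now registered before `setupPodNetwork`, it also runs after a partial or failed setup, so `teardownPodNetwork` (not visible here) must tolerate a network that was never fully attached; a one-line comment on the defer saying so would help. RunPodSandbox's body starts and ends outside these hunks.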