github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Fix cleanup context of teardownPodNetwork

Browse Source 
Similar to other deferred cleanup operations, teardownPodNetwork should
use a different context as the original context may have expired,
otherwise CNI wouldn't been invoked, leading to leak of network
resources, e.g. IP addresses.

Signed-off-by: Quan Tian <qtian@vmware.com>
This commit is contained in:
Quan Tian 2021-06-04 19:13:53 +08:00
parent e2f784269d
commit 728743eb28
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/cri/server/sandbox_run.go
View File

@ -132,8 +132,10 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
sandbox.NetNSPath = sandbox.NetNS.GetPath() sandbox.NetNSPath = sandbox.NetNS.GetPath()
defer func() { defer func() {
if retErr != nil { if retErr != nil {
deferCtx, deferCancel := ctrdutil.DeferContext()
defer deferCancel()
// Teardown network if an error is returned. // Teardown network if an error is returned.
if err := c.teardownPodNetwork(ctx, sandbox); err != nil { if err := c.teardownPodNetwork(deferCtx, sandbox); err != nil {
log.G(ctx).WithError(err).Errorf("Failed to destroy network for sandbox %q", id) log.G(ctx).WithError(err).Errorf("Failed to destroy network for sandbox %q", id)
} }