github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Do not remove sandbox when netns is not closed.

Browse Source 
Signed-off-by: Lantao Liu <lantaol@google.com>
This commit is contained in:
Lantao Liu
2017-11-21 01:22:19 +00:00
parent 74df3cc146
commit 76268ea242
3 changed files with 70 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/server/sandbox_remove.go
View File

@@ -47,7 +47,6 @@ func (c *criContainerdService) RemovePodSandbox(ctx context.Context, r *runtime.
id := sandbox.ID
// Return error if sandbox container is not fully stopped.
// TODO(random-liu): [P0] Make sure network is torn down, may need to introduce a state.
_, err = sandbox.Container.Task(ctx, nil)
if err != nil && !errdefs.IsNotFound(err) {
return nil, fmt.Errorf("failed to get sandbox container info for %q: %v", id, err)
@@ -56,6 +55,11 @@ func (c *criContainerdService) RemovePodSandbox(ctx context.Context, r *runtime.
return nil, fmt.Errorf("sandbox container %q is not fully stopped", id)
}
// Return error if sandbox network namespace is not closed yet.
if sandbox.NetNS != nil && !sandbox.NetNS.Closed() {
return nil, fmt.Errorf("sandbox network namespace %q is not fully closed", sandbox.NetNS.GetPath())
}
// Remove all containers inside the sandbox.
// NOTE(random-liu): container could still be created after this point, Kubelet should
// not rely on this behavior.