5280b56d80
runtime: 0079-kata-runtime-fix-qemu-SCSIBus-info-not-saved-into-pe.patch 0080-kata-runtime-fix-the-block-device-not-removed-in-dev.patch 0081-kata-runtime-cut-too-long-message-in-grpc-log.patch 0082-kata-runtime-change-sandbox-state-to-unhealthy-when-.patch 0083-kata-runtime-add-removeMountBlockDevices-for-contain.patch 0084-kata-runtime-fix-validInterface-func-cause-crash-pro.patch 0085-kata-runtime-fix-kata-netmon-does-not-exit-when-cont.patch 0086-kata-runtime-add-checkCPUSet-before-create-container.patch 0087-kata-runtime-force-delete-the-sandbox-and-container.patch 0088-kata-runtime-check-sandbox-healthy-state-before-call.patch 0089-kata-add-support-for-update-iface.patch 0090-kata-set-sandbox-or-container-status-to-unhealthy.patch 0091-kata-runtime-add-sandbox-file-lock-while-call-GetSan.patch 0092-qemu-add-arm64-to-support-list-of-dimm.patch 0093-kata-runtime-add-timeout-for-grpcWaitProcessRequest.patch 0094-kata-runtime-fix-update-iface-clean-NIC-cause-route-.patch 0095-kata-runtime-fix-qemu-process-resource-resi.patch 0096-kata-containers-Move-from-query-cpus-to-query-cpus-f.patch agent: 0021-kata-agent-fix-sync-clock-not-work-problem.patch 0022-kata-agent-delete-container-id-from-sandbox-struct.patch 0023-kata-agent-modify-log-level.patch 0024-kata-agent-fix-agent.debug_console-not-work-when-bui.patch Signed-off-by: Vanient <xiadanni1@huawei.com> (cherry picked from commit f2d936028666741658157472b8de9d02187c6d55)
116 lines
3.8 KiB
Diff
116 lines
3.8 KiB
Diff
From 7ec457ebbbeeeaa7f130b45a2533c8459cba2913 Mon Sep 17 00:00:00 2001
|
|
From: yangfeiyu <yangfeiyu2@huawei.com>
|
|
Date: Fri, 5 Feb 2021 16:41:36 +0800
|
|
Subject: [PATCH] kata: set sandbox or container status to unhealthy
|
|
|
|
reason: set sandbox or container status to unhealthy when
|
|
the cmdline is kill or delete, the unhealthy flag is used
|
|
to totally clean the resources of stopped container
|
|
|
|
Conflict: NA
|
|
Reference:https://gitee.com/src-openeuler/kata-containers
|
|
|
|
Signed-off-by: yangfeiyu <yangfeiyu2@huawei.com>
|
|
---
|
|
virtcontainers/api.go | 69 +++++++++++++++++++++++++++++++++++--------
|
|
1 file changed, 57 insertions(+), 12 deletions(-)
|
|
|
|
diff --git a/virtcontainers/api.go b/virtcontainers/api.go
|
|
index dea0f5b..0223e0c 100644
|
|
--- a/virtcontainers/api.go
|
|
+++ b/virtcontainers/api.go
|
|
@@ -24,6 +24,7 @@ import (
|
|
"github.com/kata-containers/runtime/virtcontainers/utils"
|
|
specs "github.com/opencontainers/runtime-spec/specs-go"
|
|
opentracing "github.com/opentracing/opentracing-go"
|
|
+ "github.com/prometheus/procfs"
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
@@ -639,19 +640,22 @@ func statusContainer(sandbox *Sandbox, containerID string) (ContainerStatus, err
|
|
|
|
// If sandbox is unhealthy, process it correctly
|
|
if !sandbox.health() {
|
|
- // process podSandbox container type case
|
|
- if isPodSandbox {
|
|
- if err := processUnhealthySandbox(sandbox, container); err != nil {
|
|
- return ContainerStatus{}, err
|
|
+ printHypervisorStatus(sandbox)
|
|
+ if isCurrentCmdKillOrDelete() {
|
|
+ // process podSandbox container type case
|
|
+ if isPodSandbox {
|
|
+ if err := processUnhealthySandbox(sandbox, container); err != nil {
|
|
+ return ContainerStatus{}, err
|
|
+ }
|
|
+ } else {
|
|
+ // If container type is pod_container, which means container operations can not be
|
|
+ // processed successfully, we should return the error as soon as possible
|
|
+ if err := container.setContainerState(types.StateUnhealthy); err != nil {
|
|
+ return ContainerStatus{}, err
|
|
+ }
|
|
+
|
|
+ return ContainerStatus{}, fmt.Errorf("container status is unhealthy, stop container failed")
|
|
}
|
|
- } else {
|
|
- // If container type is pod_container, which means container operations can not be
|
|
- // processed successfully, we should return the error as soon as possible
|
|
- if err := container.setContainerState(types.StateUnhealthy); err != nil {
|
|
- return ContainerStatus{}, err
|
|
- }
|
|
-
|
|
- return ContainerStatus{}, fmt.Errorf("container status is unhealthy, stop container failed")
|
|
}
|
|
}
|
|
}
|
|
@@ -670,6 +674,47 @@ func statusContainer(sandbox *Sandbox, containerID string) (ContainerStatus, err
|
|
// No matching containers in the sandbox
|
|
return ContainerStatus{}, nil
|
|
}
|
|
+func printHypervisorStatus(s *Sandbox) {
|
|
+ pids := s.hypervisor.getPids()
|
|
+
|
|
+ for _, pid := range pids {
|
|
+ if pid <= 0 {
|
|
+ virtLog.Logger.Errorf("Sandbox %v with invalid hypervisor PID: %+v", s.id, pids)
|
|
+ continue
|
|
+ }
|
|
+
|
|
+ proc, err := procfs.NewProc(pid)
|
|
+ if err != nil {
|
|
+ virtLog.Logger.Warnf("New proc of pid %v failed", pid)
|
|
+ }
|
|
+
|
|
+ stat, err := proc.NewStat()
|
|
+ virtLog.Logger.Debugf("The status of pid %v is %#v, and err is %v", pid, stat, err)
|
|
+ }
|
|
+}
|
|
+
|
|
+func isCurrentCmdKillOrDelete() bool {
|
|
+ pid := os.Getpid()
|
|
+ proc, err := procfs.NewProc(pid)
|
|
+ if err != nil {
|
|
+ virtLog.Logger.Warnf("New proc of currrent process %v failed", pid)
|
|
+ return false
|
|
+ }
|
|
+
|
|
+ lines, err := proc.CmdLine()
|
|
+ if err != nil {
|
|
+ virtLog.Logger.Errorf("Get cmd line of currrent process %v failed", pid)
|
|
+ }
|
|
+
|
|
+ for _, v := range lines {
|
|
+ if v == "kill" || v == "delete" {
|
|
+ virtLog.Logger.Debugf("The cmdline is kill or delete %v", lines)
|
|
+ return true
|
|
+ }
|
|
+ }
|
|
+
|
|
+ return false
|
|
+}
|
|
|
|
// KillContainer is the virtcontainers entry point to send a signal
|
|
// to a container running inside a sandbox. If all is true, all processes in
|
|
--
|
|
2.23.0
|
|
|