-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The removal of container root directory should be after poststop run successfully. #4363
Comments
In runtime-spec, it says: Please see: |
So I think it's not a bug. If you want change this behavior, you should open a PR in runtime-spec first. BTW, there is another bug for Please see: But maybe the behavior would be redefined in the future, because there is a similar bug for |
This implies that all poststop hook can not fail, because even it is failed the platform can not do retry.
Maybe we can make a correspond change to the |
How do you do that? Please make the steps easy to follow, provide as much info as possible so someone can just follow some steps, instead of search how to do X or Y. The whole point of the steps to repro is to avoid that. I didn't know there was a way to ask containerd to set OCI hooks without an external tool (like a wrapper for the oci-runtime that adds the hooks). |
Description
Hi, We recently added a runc hook to manage our special devices, and ran into a problem.
If our post stop hook run failed(maybe because the resource is still not ready to be recycled), we expect the containerd or kubelet could retry
runc delete
and when the hook can return success,runc delete
succeed, and all the resources will be recycled, with nothing residual.but actually we found that when the second time containerd call
runc delete
, the container root directory is removed and aNotFound
error returned, so that containerd will consider the container removed normally. but actually the post stop hook never be called successfully.I am wondering maybe we can change the removal of root directory to after the hook called.
Steps to reproduce the issue
Describe the results you received and expected
expected:
deletion of the container should fail until the hook can be executed succeessfuly.
received:
container is removed, but the hook is never called with a success, so with resources residual.
What version of runc are you using?
The newest version
Host OS information
I think all os is effected.
Host kernel information
all kernel versions
The text was updated successfully, but these errors were encountered: