[WIP] do not open stdin fifo when exec #10082
Conversation
|
Hi @yuqitao. Thanks for your PR. I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
yuqitao
changed the title
| @@ -208,11 +208,6 @@ func (e *execProcess) start(ctx context.Context) (err error) { | |||
| close(e.waitBlock) | |||
| return e.parent.runtimeError(err, "OCI runtime exec failed") | |||
| } | |||
| if e.stdio.Stdin != "" { | |||
There was a problem hiding this comment.
I don't think it's correct. containerd supports exec operation with input. Please add your motivation. Thanks
There was a problem hiding this comment.
openStdin opens fifo with O_WRONLY,which is only used to hold fifo write endpoint. For init process,it is important to prevent init process sigpipe when restart containerd, but for exec process, when restart containerd, exec process quit is what we want. Stdin copy for exec process parent.Platform.CopyConsole and pio.Copy will open stdin fifo with O_RDONLY in their own logic.
There was a problem hiding this comment.
I want to use this patch to solve pty device leak in CopyConsole. When restart containerd, there is no fifo write endpoint, copy stdin goroutine in CopyConsole will read EOF, and shutdown epollConsole.
There was a problem hiding this comment.
Synced with @yuqitao offline. I think the right approach is to implement exec operation's GC in CRI level or high-level plugin. The cleanup should be handled async. Since pod exec probe can go crazy, shim could have a lot of running exec processes. It could take time to cleanup. To avoid slow starting, we should handle it async.
fix #8856 (comment)