New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] do not open stdin fifo when exec #10082
base: main
Are you sure you want to change the base?
Conversation
Hi @yuqitao. Thanks for your PR. I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@@ -208,11 +208,6 @@ func (e *execProcess) start(ctx context.Context) (err error) { | |||
close(e.waitBlock) | |||
return e.parent.runtimeError(err, "OCI runtime exec failed") | |||
} | |||
if e.stdio.Stdin != "" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think it's correct. containerd supports exec operation with input. Please add your motivation. Thanks
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sc, err := fifo.OpenFifo(context.Background(), path, syscall.O_WRONLY|syscall.O_NONBLOCK, 0) |
openStdin
opens fifo with O_WRONLY
,which is only used to hold fifo write endpoint. For init process,it is important to prevent init process sigpipe
when restart containerd, but for exec process, when restart containerd, exec process quit is what we want. Stdin copy for exec process parent.Platform.CopyConsole
and pio.Copy
will open stdin fifo with O_RDONLY
in their own logic.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I want to use this patch to solve pty
device leak in CopyConsole
. When restart containerd, there is no fifo write endpoint, copy stdin goroutine in CopyConsole
will read EOF
, and shutdown epollConsole
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Synced with @yuqitao offline. I think the right approach is to implement exec operation's GC in CRI level or high-level plugin. The cleanup should be handled async. Since pod exec probe can go crazy, shim could have a lot of running exec processes. It could take time to cleanup. To avoid slow starting, we should handle it async.
fix #8856 (comment)