[release/0.8] Cherry-pick Dualstack support checks #1003#1136
Closed
jsturtevant wants to merge 5 commits intomicrosoft:masterfrom
Closed
[release/0.8] Cherry-pick Dualstack support checks #1003#1136jsturtevant wants to merge 5 commits intomicrosoft:masterfrom
jsturtevant wants to merge 5 commits intomicrosoft:masterfrom
Conversation
This changes the behavior when the shim is invoked with the "delete" command line argument. Previously, the delete path did two things it should not: - Attempted to locate the sandbox container for the pod and delete it as well. This meant if "shim delete" was invoked for a workload container, it could bring down the whole pod. The only reason we did not see this in the past is that prior to containerd 1.5 "shim delete" was not called for successful container stop operations. - Deleted the bundle directory. We shouldn't do this in the shim, as containerd does it itself. For reference on what the Linux shim does, see here: https://github.com/containerd/containerd/blob/master/runtime/v2/runc/v2/service.go#L291 Signed-off-by: Kevin Parsons <kevpar@microsoft.com> (cherry picked from commit 450cdb1) Signed-off-by: Kevin Parsons <kevpar@microsoft.com>
[release/0.8] shim: Clean up delete invocation behavior
Previously, certain error check functions like IsAlreadyStopped returned true if the error was ERROR_PROC_NOT_FOUND. Based on the comment in the file, this was intended to be used to indicate a case where the process could not be found. However, it seems this may have been added erroneously. ERROR_PROC_NOT_FOUND is actually typically used to mean that a _procedure_ lookup failed, and has nothing to do with processes. The original change[1] to check against ERROR_PROC_NOT_FOUND was made five years ago, and did not contain much information on why this error would be returned. We are removing this now based on several factors: - We are not aware of any condition where HCS would intentionally return ERROR_PROC_NOT_FOUND to indicate a condition "process does not exist". - There is an issue where HcsShutdownComputeSystem sometimes returns ERROR_PROC_NOT_FOUND due to something failing internally. The current error checks are causing this to be treated as "the container has already exited", causing moby to not properly stop the container via HcsTerminateComputeSystem. This change leaves the definition for ErrProcNotFound in the code, as it may be used by external callers, but fixes its comment. [1]: See commit 0ae7e7e Signed-off-by: Kevin Parsons <kevpar@microsoft.com> (cherry picked from commit d78544d) Signed-off-by: Kevin Parsons <kevpar@microsoft.com>
[release/0.8] Remove ERROR_PROC_NOT_FOUND from error checks
Contributor
Author
|
that didn't come out right but looks like it was already included so will close this included in https://github.com/microsoft/hcsshim/releases/tag/v0.8.17 |
Contributor
|
@jsturtevant This looks like it's pulling in some other commits that are already present in release/0.8 |
Contributor
|
Oop, just got closed haha |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This includes a fix for checking if dual stack is supported, we current have a work around https://github.com/jsturtevant/kubernetes/blob/d5d9327351de99e6068f62efb388a6ede38d944e/pkg/proxy/winkernel/proxier.go#L223-L234
From:
#1003