From bef81a6fe7faff6b1aa151655136c91bbe84d26c Mon Sep 17 00:00:00 2001 From: Kathryn Baldauf Date: Mon, 30 Aug 2021 15:28:36 -0700 Subject: [PATCH] Fixup logic for sandbox and container cleanup on failure Signed-off-by: Kathryn Baldauf --- .../guest/runtime/hcsv2/sandbox_container.go | 5 +++ .../runtime/hcsv2/standalone_container.go | 5 +++ internal/guest/runtime/hcsv2/uvm.go | 33 ++++++++++++------- 3 files changed, 32 insertions(+), 11 deletions(-) diff --git a/internal/guest/runtime/hcsv2/sandbox_container.go b/internal/guest/runtime/hcsv2/sandbox_container.go index 887f823bd7..bba803f940 100644 --- a/internal/guest/runtime/hcsv2/sandbox_container.go +++ b/internal/guest/runtime/hcsv2/sandbox_container.go @@ -47,6 +47,11 @@ func setupSandboxContainerSpec(ctx context.Context, id string, spec *oci.Spec) ( if err := os.MkdirAll(rootDir, 0755); err != nil { return errors.Wrapf(err, "failed to create sandbox root directory %q", rootDir) } + defer func() { + if err != nil { + _ = os.RemoveAll(rootDir) + } + }() // Write the hostname hostname := spec.Hostname diff --git a/internal/guest/runtime/hcsv2/standalone_container.go b/internal/guest/runtime/hcsv2/standalone_container.go index 542fabe756..5586b2446c 100644 --- a/internal/guest/runtime/hcsv2/standalone_container.go +++ b/internal/guest/runtime/hcsv2/standalone_container.go @@ -43,6 +43,11 @@ func setupStandaloneContainerSpec(ctx context.Context, id string, spec *oci.Spec if err := os.MkdirAll(rootDir, 0755); err != nil { return errors.Wrapf(err, "failed to create container root directory %q", rootDir) } + defer func() { + if err != nil { + _ = os.RemoveAll(rootDir) + } + }() hostname := spec.Hostname if hostname == "" { diff --git a/internal/guest/runtime/hcsv2/uvm.go b/internal/guest/runtime/hcsv2/uvm.go index 2c1ddd303e..7e22535f51 100644 --- a/internal/guest/runtime/hcsv2/uvm.go +++ b/internal/guest/runtime/hcsv2/uvm.go @@ -128,11 +128,16 @@ func (h *Host) GetContainer(id string) (*Container, error) { return h.getContainerLocked(id) } -func setupSandboxMountsPath(id string) error { +func setupSandboxMountsPath(id string) (err error) { mountPath := getSandboxMountsDir(id) if err := os.MkdirAll(mountPath, 0755); err != nil { return errors.Wrapf(err, "failed to create sandboxMounts dir in sandbox %v", id) } + defer func() { + if err != nil { + _ = os.RemoveAll(mountPath) + } + }() return storage.MountRShared(mountPath) } @@ -158,39 +163,45 @@ func (h *Host) CreateContainer(ctx context.Context, id string, settings *prot.VM // Capture namespaceID if any because setupSandboxContainerSpec clears the Windows section. namespaceID = getNetworkNamespaceID(settings.OCISpecification) err = setupSandboxContainerSpec(ctx, id, settings.OCISpecification) + if err != nil { + return nil, err + } defer func() { if err != nil { - defer os.RemoveAll(getSandboxRootDir(id)) + _ = os.RemoveAll(getSandboxRootDir(id)) } }() - err = setupSandboxMountsPath(id) + if err = setupSandboxMountsPath(id); err != nil { + return nil, err + } case "container": sid, ok := settings.OCISpecification.Annotations["io.kubernetes.cri.sandbox-id"] if !ok || sid == "" { return nil, errors.Errorf("unsupported 'io.kubernetes.cri.sandbox-id': '%s'", sid) } - err = setupWorkloadContainerSpec(ctx, sid, id, settings.OCISpecification) + if err := setupWorkloadContainerSpec(ctx, sid, id, settings.OCISpecification); err != nil { + return nil, err + } defer func() { if err != nil { - defer os.RemoveAll(getWorkloadRootDir(id)) + _ = os.RemoveAll(getWorkloadRootDir(id)) } }() default: - err = errors.Errorf("unsupported 'io.kubernetes.cri.container-type': '%s'", criType) + return nil, errors.Errorf("unsupported 'io.kubernetes.cri.container-type': '%s'", criType) } } else { // Capture namespaceID if any because setupStandaloneContainerSpec clears the Windows section. namespaceID = getNetworkNamespaceID(settings.OCISpecification) - err = setupStandaloneContainerSpec(ctx, id, settings.OCISpecification) + if err := setupStandaloneContainerSpec(ctx, id, settings.OCISpecification); err != nil { + return nil, err + } defer func() { if err != nil { - os.RemoveAll(getStandaloneRootDir(id)) + _ = os.RemoveAll(getStandaloneRootDir(id)) } }() } - if err != nil { - return nil, err - } // Create the BundlePath if err := os.MkdirAll(settings.OCIBundlePath, 0700); err != nil {