summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Heon <mheon@redhat.com>2019-07-18 08:59:44 -0400
committerMatthew Heon <mheon@redhat.com>2019-07-18 09:06:11 -0400
commit5bbede9d9f5b5ba05bdfb9a20815df9622e9b8f9 (patch)
treea6dc49b292abd42ca3b12a1d656ea9d5335235d1
parent686da0d60c798d175af729ab27023f6a038be08f (diff)
downloadpodman-5bbede9d9f5b5ba05bdfb9a20815df9622e9b8f9.tar.gz
podman-5bbede9d9f5b5ba05bdfb9a20815df9622e9b8f9.tar.bz2
podman-5bbede9d9f5b5ba05bdfb9a20815df9622e9b8f9.zip
Remove exec PID files after use to prevent memory leaks
We have another patch running to do the same for exit files, with a much more in-depth explanation of why it's necessary. Suffice to say that persistent files in tmpfs tied to container CGroups lead to significant memory allocations that last for the lifetime of the file. Based on a patch by Andrea Arcangeli (aarcange@redhat.com). Signed-off-by: Matthew Heon <mheon@redhat.com>
-rw-r--r--libpod/container_api.go9
1 files changed, 9 insertions, 0 deletions
diff --git a/libpod/container_api.go b/libpod/container_api.go
index 3577b8e8c..ae181887e 100644
--- a/libpod/container_api.go
+++ b/libpod/container_api.go
@@ -305,6 +305,11 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user, workDir
if err != nil {
if exited {
// If the runtime exited, propagate the error we got from the process.
+ // We need to remove PID files to ensure no memory leaks
+ if err2 := os.Remove(pidFile); err2 != nil {
+ logrus.Errorf("Error removing exit file for container %s exec session %s: %v", c.ID(), sessionID, err2)
+ }
+
return err
}
return errors.Wrapf(err, "timed out waiting for runtime to create pidfile for exec session in container %s", c.ID())
@@ -312,6 +317,10 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user, workDir
// Pidfile exists, read it
contents, err := ioutil.ReadFile(pidFile)
+ // We need to remove PID files to ensure no memory leaks
+ if err2 := os.Remove(pidFile); err2 != nil {
+ logrus.Errorf("Error removing exit file for container %s exec session %s: %v", c.ID(), sessionID, err2)
+ }
if err != nil {
// We don't know the PID of the exec session
// However, it may still be alive