summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Heon <mheon@redhat.com>2018-11-28 12:24:14 -0500
committerMatthew Heon <mheon@redhat.com>2018-12-06 09:10:45 -0500
commita0c9be20617a871c6cb61f27516565af36338d7a (patch)
treeef09e2cd5bda4a87fc6c8b3ac735cdf6615065b0
parent75b19ca8abe1957f3c48035767960a6b20c10519 (diff)
downloadpodman-a0c9be20617a871c6cb61f27516565af36338d7a.tar.gz
podman-a0c9be20617a871c6cb61f27516565af36338d7a.tar.bz2
podman-a0c9be20617a871c6cb61f27516565af36338d7a.zip
Add --sync option to podman rm
With the changes made recently to ensure Podman does not hit the OCI runtime as often to sync state, we can find ourselves in a situation where the runtime's state does not match ours. Add a --sync flag to podman rm to ensure we can still remove containers when this happens. Signed-off-by: Matthew Heon <mheon@redhat.com>
-rw-r--r--cmd/podman/rm.go10
-rw-r--r--completions/bash/podman1
-rw-r--r--docs/podman-rm.1.md7
-rw-r--r--libpod/container_api.go22
4 files changed, 29 insertions, 11 deletions
diff --git a/cmd/podman/rm.go b/cmd/podman/rm.go
index 7c0569b78..224df4543 100644
--- a/cmd/podman/rm.go
+++ b/cmd/podman/rm.go
@@ -21,6 +21,10 @@ var (
},
LatestFlag,
cli.BoolFlag{
+ Name: "sync",
+ Usage: "Sync container state with OCI runtime before removing",
+ },
+ cli.BoolFlag{
Name: "volumes, v",
Usage: "Remove the volumes associated with the container (Not implemented yet)",
},
@@ -73,6 +77,12 @@ func rmCmd(c *cli.Context) error {
for _, container := range delContainers {
con := container
f := func() error {
+ if c.Bool("sync") {
+ if err := con.Sync(); err != nil {
+ return err
+ }
+ }
+
return runtime.RemoveContainer(ctx, con, c.Bool("force"))
}
diff --git a/completions/bash/podman b/completions/bash/podman
index 9518cfa22..21d35949d 100644
--- a/completions/bash/podman
+++ b/completions/bash/podman
@@ -1828,6 +1828,7 @@ _podman_rm() {
-h
--latest
-l
+ --sync
--volumes
-v
"
diff --git a/docs/podman-rm.1.md b/docs/podman-rm.1.md
index 56664a8c1..7f22113ea 100644
--- a/docs/podman-rm.1.md
+++ b/docs/podman-rm.1.md
@@ -24,6 +24,13 @@ Remove all containers. Can be used in conjunction with -f as well.
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
+**--sync**
+
+Force a sync of container state with the OCI runtime before attempting to remove.
+In some cases, a container's state in the runtime can become out of sync with Podman's state,
+which can cause Podman to refuse to remove containers because it believes they are still running.
+A sync will resolve this issue.
+
**--volumes, -v**
Remove the volumes associated with the container. (Not yet implemented)
diff --git a/libpod/container_api.go b/libpod/container_api.go
index bc92cae69..ee060ad6a 100644
--- a/libpod/container_api.go
+++ b/libpod/container_api.go
@@ -675,22 +675,22 @@ func (c *Container) Batch(batchFunc func(*Container) error) error {
return err
}
-// Sync updates the current state of the container, checking whether its state
-// has changed
-// Sync can only be used inside Batch() - otherwise, it will be done
-// automatically.
-// When called outside Batch(), Sync() is a no-op
+// Sync updates the status of a container by querying the OCI runtime.
+// If the container has not been created inside the OCI runtime, nothing will be
+// done.
+// Most of the time, Podman does not explicitly query the OCI runtime for
+// container status, and instead relies upon exit files created by conmon.
+// This can cause a disconnect between running state and what Podman sees in
+// cases where Conmon was killed unexpected, or runc was upgraded.
+// Running a manual Sync() ensures that container state will be correct in
+// such situations.
func (c *Container) Sync() error {
- if !c.batched {
- return nil
- }
-
// If runtime knows about the container, update its status in runtime
// And then save back to disk
if (c.state.State != ContainerStateUnknown) &&
- (c.state.State != ContainerStateConfigured) {
+ (c.state.State != ContainerStateConfigured) &&
+ (c.state.State != ContainerStateExited) {
oldState := c.state.State
- // TODO: optionally replace this with a stat for the exit file
if err := c.runtime.ociRuntime.updateContainerStatus(c, true); err != nil {
return err
}