diff options
Diffstat (limited to 'libpod/container_internal.go')
| -rw-r--r-- | libpod/container_internal.go | 37 |
1 files changed, 29 insertions, 8 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 37801162a..46c83149a 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -84,7 +84,7 @@ func (c *Container) rootFsSize() (int64, error) { return size + layerSize, err } -// rwSize Gets the size of the mutable top layer of the container. +// rwSize gets the size of the mutable top layer of the container. func (c *Container) rwSize() (int64, error) { if c.config.Rootfs != "" { var size int64 @@ -103,14 +103,16 @@ func (c *Container) rwSize() (int64, error) { return 0, err } - // Get the size of the top layer by calculating the size of the diff - // between the layer and its parent. The top layer of a container is - // the only RW layer, all others are immutable - layer, err := c.runtime.store.Layer(container.LayerID) + // The top layer of a container is + // the only readable/writeable layer, all others are immutable. + rwLayer, err := c.runtime.store.Layer(container.LayerID) if err != nil { return 0, err } - return c.runtime.store.DiffSize(layer.Parent, layer.ID) + + // Get the size of the top layer by calculating the size of the diff + // between the layer and its parent. + return c.runtime.store.DiffSize(rwLayer.Parent, rwLayer.ID) } // bundlePath returns the path to the container's root filesystem - where the OCI spec will be @@ -1129,9 +1131,14 @@ func (c *Container) start() error { } // Internal, non-locking function to stop container -func (c *Container) stop(timeout uint, all bool) error { +func (c *Container) stop(timeout uint) error { logrus.Debugf("Stopping ctr %s (timeout %d)", c.ID(), timeout) + // If the container is running in a PID Namespace, then killing the + // primary pid is enough to kill the container. If it is not running in + // a pid namespace then the OCI Runtime needs to kill ALL processes in + // the containers cgroup in order to make sure the container is stopped. + all := !c.hasNamespace(spec.PIDNamespace) // We can't use --all if CGroups aren't present. // Rootless containers with CGroups v1 and NoCgroups are both cases // where this can happen. @@ -1188,6 +1195,7 @@ func (c *Container) pause() error { } if err := c.ociRuntime.PauseContainer(c); err != nil { + // TODO when using docker-py there is some sort of race/incompatibility here return err } @@ -1205,6 +1213,7 @@ func (c *Container) unpause() error { } if err := c.ociRuntime.UnpauseContainer(c); err != nil { + // TODO when using docker-py there is some sort of race/incompatibility here return err } @@ -1225,7 +1234,7 @@ func (c *Container) restartWithTimeout(ctx context.Context, timeout uint) (err e if c.state.State == define.ContainerStateRunning { conmonPID := c.state.ConmonPID - if err := c.stop(timeout, false); err != nil { + if err := c.stop(timeout); err != nil { return err } // Old versions of conmon have a bug where they create the exit file before @@ -1895,3 +1904,15 @@ func (c *Container) reapExecSessions() error { } return lastErr } + +func (c *Container) hasNamespace(namespace spec.LinuxNamespaceType) bool { + if c.config.Spec == nil || c.config.Spec.Linux == nil { + return false + } + for _, n := range c.config.Spec.Linux.Namespaces { + if n.Type == namespace { + return true + } + } + return false +} |