From 57869f377bb2da6a211c5baf22daa0de8dcf825e Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Thu, 18 Jul 2019 08:59:44 -0400 Subject: Remove exec PID files after use to prevent memory leaks We have another patch running to do the same for exit files, with a much more in-depth explanation of why it's necessary. Suffice to say that persistent files in tmpfs tied to container CGroups lead to significant memory allocations that last for the lifetime of the file. Based on a patch by Andrea Arcangeli (aarcange@redhat.com). Signed-off-by: Matthew Heon --- libpod/container_api.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/libpod/container_api.go b/libpod/container_api.go index 832801aeb..fe66abf7a 100644 --- a/libpod/container_api.go +++ b/libpod/container_api.go @@ -345,6 +345,11 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user, workDir if err != nil { if exited { // If the runtime exited, propagate the error we got from the process. + // We need to remove PID files to ensure no memory leaks + if err2 := os.Remove(pidFile); err2 != nil { + logrus.Errorf("Error removing exit file for container %s exec session %s: %v", c.ID(), sessionID, err2) + } + return err } return errors.Wrapf(err, "timed out waiting for runtime to create pidfile for exec session in container %s", c.ID()) @@ -352,6 +357,10 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user, workDir // Pidfile exists, read it contents, err := ioutil.ReadFile(pidFile) + // We need to remove PID files to ensure no memory leaks + if err2 := os.Remove(pidFile); err2 != nil { + logrus.Errorf("Error removing exit file for container %s exec session %s: %v", c.ID(), sessionID, err2) + } if err != nil { // We don't know the PID of the exec session // However, it may still be alive -- cgit v1.2.3-54-g00ecf