From 9e5175b06ca432f3d8a657aeed946d7c8c486345 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Thu, 18 Jul 2019 08:59:44 -0400 Subject: Remove exec PID files after use to prevent memory leaks We have another patch running to do the same for exit files, with a much more in-depth explanation of why it's necessary. Suffice to say that persistent files in tmpfs tied to container CGroups lead to significant memory allocations that last for the lifetime of the file. Based on a patch by Andrea Arcangeli (aarcange@redhat.com). Signed-off-by: Matthew Heon --- libpod/container_api.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/libpod/container_api.go b/libpod/container_api.go index c52b27db3..1de956521 100644 --- a/libpod/container_api.go +++ b/libpod/container_api.go @@ -301,6 +301,11 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user, workDir if err != nil { if exited { // If the runtime exited, propagate the error we got from the process. + // We need to remove PID files to ensure no memory leaks + if err2 := os.Remove(pidFile); err2 != nil { + logrus.Errorf("Error removing exit file for container %s exec session %s: %v", c.ID(), sessionID, err2) + } + return err } return errors.Wrapf(err, "timed out waiting for runtime to create pidfile for exec session in container %s", c.ID()) @@ -308,6 +313,10 @@ func (c *Container) Exec(tty, privileged bool, env, cmd []string, user, workDir // Pidfile exists, read it contents, err := ioutil.ReadFile(pidFile) + // We need to remove PID files to ensure no memory leaks + if err2 := os.Remove(pidFile); err2 != nil { + logrus.Errorf("Error removing exit file for container %s exec session %s: %v", c.ID(), sessionID, err2) + } if err != nil { // We don't know the PID of the exec session // However, it may still be alive -- cgit v1.2.3-54-g00ecf