Skip to content

Commit

Permalink
sandbox: Stop and clean up containers that fail to create
Browse files Browse the repository at this point in the history
A container that is created and added to a sandbox can still fail
the final creation steps. In this case, the container must be stopped
and have its resources cleaned up to prevent leaking sandbox mounts.

Fixes kata-containers#2816

Signed-off-by: Evan Foster <efoster@adobe.com>
(cherry picked from commit 337f2e0)
  • Loading branch information
Evan Foster committed Jul 20, 2020
1 parent 6b3e88a commit 4b96dcf
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions virtcontainers/sandbox.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
// Copyright (c) 2016 Intel Corporation
// Copyright (c) 2020 Adobe Inc.
//
// SPDX-License-Identifier: Apache-2.0
//
Expand Down Expand Up @@ -1166,6 +1167,16 @@ func (s *Sandbox) CreateContainer(contConfig ContainerConfig) (VCContainer, erro
defer func() {
// Rollback if error happens.
if err != nil {
logger := s.Logger().WithFields(logrus.Fields{"container-id": c.id, "sandox-id": s.id, "rollback": true})

logger.Warning("Cleaning up partially created container")

if err2 := c.stop(true); err2 != nil {
logger.WithError(err2).Warning("Could not delete container")
}

logger.Debug("Removing stopped container from sandbox store")

s.removeContainer(c.id)
}
}()
Expand Down

0 comments on commit 4b96dcf

Please sign in to comment.