Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Try to use pidfd and epoll to wait init process exit #4517

Open
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

lifubang
Copy link
Member

@lifubang lifubang commented Nov 9, 2024

This PR does some optimizations for runc delete -f.

  1. Nowadays, go runtime has tried to use unix.PidFDSendSignal to send signal to the process,
    this is helpful to reduce the risk of pid reuse attack. So we should replace unix.Kill with
    os.Process.Signal in runc when possible.
  2. But os.Process.Wait is used to wait the child process, to wait a unrelated process, we
    should introduce pidfd & epoll to reduce the sleep time when we want to detect the init
    process exited or not.
  3. For the kernel which doesn't support pidfd & epoll solution, we will fall back to the traditional
    unix.Kill solution, but for stopped containers or containers running in a low load machine,
    we don't need to wait 100ms to do the next detection.

Close: #4512

Because we should switch to unix.PidFDSendSignal in new kernels, it has
been supported in go runtime. We don't need to add fall back to
unix.Kill code here.

Signed-off-by: lfbzhm <lifubang@acmcoder.com>
@lifubang
Copy link
Member Author

lifubang commented Nov 9, 2024

@abel-von PTAL

@kolyshkin
Copy link
Contributor

It seems that the first commit can be merged now and is definitely an improvement.

For the rest of it, give me a few days to review.

return nil
}

logrus.Debugf("pidfd & epoll failed with an error: %v, fall back to unix.Signal.\n", err)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: no need for \n here.

@kolyshkin
Copy link
Contributor

Reviewing this reminded me the next step needed for pidfd support in Go, so I wrote this proposal: golang/go#70352

@lifubang
Copy link
Member Author

Reviewing this reminded me the next step needed for pidfd support in Go, so I wrote this proposal: golang/go#70352

Wonderful proposal, I used to think that golang wouldn't support similar interfaces, but I think it's very useful, looking forward its coming.

lifubang and others added 2 commits November 15, 2024 00:08
Signed-off-by: lfbzhm <lifubang@acmcoder.com>
When using unix.Kill to kill the container, we need a for loop to detect
the init process exited or not manually, we sleep 100ms each time in the
current, but for stopped containers or containers running in a low load
machine, we don't need to wait so long time. This change will reduce the
delete delay in some situations, especially for those pods with many
containers in.

Co-authored-by: Abel Feng <fshb1988@gmail.com>
Signed-off-by: lfbzhm <lifubang@acmcoder.com>

// Kill kills the container and wait the init process exit.
func (c *Container) Kill() error {
if c.config.Namespaces.IsPrivate(configs.NEWPID) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might make sense to explain the reason for this "if". Something like "when the container doesn't have a private pidns, we have to kill every process in the cgroup, which killViaPidfd can't do".

return errors.New("container init still running")
}

// Kill kills the container and wait the init process exit.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

... and waits for the init process to exit.


events := make([]unix.EpollEvent, 1)
for {
// Set the timeout to 10s, the same as the traditional unix.Signal solution.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

... the same as in kill below

Comment on lines 61 to +83
}
// When --force is given, we kill all container processes and
// then destroy the container. This is done even for a stopped
// container, because (in case it does not have its own PID
// namespace) there may be some leftover processes in the
// container's cgroup.
if force {
return killContainer(container)
}

s, err := container.Status()
if err != nil {
return err
}
switch s {
case libcontainer.Stopped:
// For a stopped container, because (in case it does not have
// its own PID namespace) there may be some leftover processes
// in the container's cgroup.
if !container.Config().Namespaces.IsPrivate(configs.NEWPID) {
return killContainer(container)
}
return container.Destroy()
case libcontainer.Created:
return killContainer(container)
default:
// When --force is given, we kill all container processes and
// then destroy the container.
if force {
return killContainer(container)
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unless I'm missing something, commit description doesn't describe this change.

I also remember breaking something than I moved this code around. Ah! It was commit 29283bb. I hope this change won't result in some sort of regression :)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, OK, you said in the commit message that you don't want to wait in case of a stopped container.

Comment on lines +72 to 75
if !container.Config().Namespaces.IsPrivate(configs.NEWPID) {
return killContainer(container)
}
return container.Destroy()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe drop killContainer entirely here and just call container.Kill() and then container.Destroy()? The code is more readable this way.

Or, rename killContainer to killAndDestroy.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants