Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://github.com/containerd/containerd/issues/5768 below:

Containerd IP leakage · Issue #5768 · containerd/containerd · GitHub

Description

We see a problem in production that containerd may leak IP on the node.

Steps to reproduce the issue:

• When pod network setup is quite slow, RunPodSandbox may timeout or fail;
• Once RunPodSandbox fails, it tries to teardown the pod network in defer;
• However, because CNI is slow, the teardown also failed;
• At this point, the pod sandbox is gone, but the network is not properly tore down.

Proposed solution
We should probably change how RunPodSandbox works.

It should:

1. Create the sandbox container first;
2. Setup network for the sandbox container;
3. Create the sandbox container task.

In this way, when there is any issue in RunPodSandbox, we can still try to cleanup in defer. However, if any cleanup step failed, the sandbox container on disk can still represent the sandbox, and kubelet will try to guarantee it is properly cleaned up eventually.

MrHohn, lyveng, vreon, justin0u0, BSWANG and 7 more

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4