2016-11-22 22:23:01 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2017-11-09 10:10:35 +00:00
|
|
|
"time"
|
2016-11-22 22:23:01 +00:00
|
|
|
|
2017-05-21 13:47:01 +00:00
|
|
|
"github.com/containers/storage"
|
|
|
|
"github.com/docker/docker/pkg/mount"
|
|
|
|
"github.com/docker/docker/pkg/symlink"
|
2017-11-30 15:46:11 +00:00
|
|
|
"github.com/kubernetes-incubator/cri-o/lib/sandbox"
|
2016-11-22 22:23:01 +00:00
|
|
|
"github.com/kubernetes-incubator/cri-o/oci"
|
2017-05-21 13:47:01 +00:00
|
|
|
"github.com/opencontainers/selinux/go-selinux/label"
|
2017-08-02 15:17:45 +00:00
|
|
|
"github.com/pkg/errors"
|
2017-08-05 11:40:46 +00:00
|
|
|
"github.com/sirupsen/logrus"
|
2016-11-22 22:23:01 +00:00
|
|
|
"golang.org/x/net/context"
|
2017-05-21 13:47:01 +00:00
|
|
|
"golang.org/x/sys/unix"
|
2018-02-12 20:13:07 +00:00
|
|
|
pb "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
|
2016-11-22 22:23:01 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// StopPodSandbox stops the sandbox. If there are any running containers in the
|
|
|
|
// sandbox, they should be force terminated.
|
2017-11-09 10:10:35 +00:00
|
|
|
func (s *Server) StopPodSandbox(ctx context.Context, req *pb.StopPodSandboxRequest) (resp *pb.StopPodSandboxResponse, err error) {
|
|
|
|
const operation = "stop_pod_sandbox"
|
|
|
|
defer func() {
|
|
|
|
recordOperation(operation, time.Now())
|
|
|
|
recordError(operation, err)
|
|
|
|
}()
|
|
|
|
|
2016-11-22 22:23:01 +00:00
|
|
|
logrus.Debugf("StopPodSandboxRequest %+v", req)
|
2017-02-03 14:41:28 +00:00
|
|
|
sb, err := s.getPodSandboxFromRequest(req.PodSandboxId)
|
2016-11-22 22:23:01 +00:00
|
|
|
if err != nil {
|
2017-07-19 19:03:22 +00:00
|
|
|
if err == sandbox.ErrIDEmpty {
|
2017-05-20 13:14:51 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// If the sandbox isn't found we just return an empty response to adhere
|
|
|
|
// the the CRI interface which expects to not error out in not found
|
|
|
|
// cases.
|
|
|
|
|
2017-11-09 10:10:35 +00:00
|
|
|
resp = &pb.StopPodSandboxResponse{}
|
2017-05-20 13:14:51 +00:00
|
|
|
logrus.Warnf("could not get sandbox %s, it's probably been stopped already: %v", req.PodSandboxId, err)
|
2017-08-17 21:27:29 +00:00
|
|
|
logrus.Debugf("StopPodSandboxResponse %s: %+v", req.PodSandboxId, resp)
|
2017-05-20 13:14:51 +00:00
|
|
|
return resp, nil
|
2016-11-22 22:23:01 +00:00
|
|
|
}
|
|
|
|
|
2017-08-16 22:42:20 +00:00
|
|
|
if sb.Stopped() {
|
2017-11-09 10:10:35 +00:00
|
|
|
resp = &pb.StopPodSandboxResponse{}
|
2017-08-17 21:27:29 +00:00
|
|
|
logrus.Debugf("StopPodSandboxResponse %s: %+v", sb.ID(), resp)
|
|
|
|
return resp, nil
|
2017-08-16 22:42:20 +00:00
|
|
|
}
|
|
|
|
|
2017-09-11 19:15:33 +00:00
|
|
|
// Clean up sandbox networking and close its network namespace.
|
|
|
|
hostNetwork := sb.NetNsPath() == ""
|
|
|
|
s.networkStop(hostNetwork, sb)
|
2017-07-18 20:35:15 +00:00
|
|
|
if err := sb.NetNsRemove(); err != nil {
|
2016-11-23 17:16:21 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2017-09-11 19:15:33 +00:00
|
|
|
podInfraContainer := sb.InfraContainer()
|
2017-07-19 19:03:22 +00:00
|
|
|
containers := sb.Containers().List()
|
2016-11-22 22:23:01 +00:00
|
|
|
containers = append(containers, podInfraContainer)
|
|
|
|
|
|
|
|
for _, c := range containers {
|
2017-07-17 12:25:32 +00:00
|
|
|
cStatus := s.Runtime().ContainerStatus(c)
|
2016-11-22 22:23:01 +00:00
|
|
|
if cStatus.Status != oci.ContainerStateStopped {
|
2017-10-15 20:05:41 +00:00
|
|
|
if err := s.Runtime().StopContainer(ctx, c, 10); err != nil {
|
2017-07-19 19:03:22 +00:00
|
|
|
return nil, fmt.Errorf("failed to stop container %s in pod sandbox %s: %v", c.Name(), sb.ID(), err)
|
2016-11-22 22:23:01 +00:00
|
|
|
}
|
2017-05-21 13:47:01 +00:00
|
|
|
if c.ID() == podInfraContainer.ID() {
|
|
|
|
continue
|
|
|
|
}
|
2017-08-02 15:17:45 +00:00
|
|
|
if err := s.StorageRuntimeServer().StopContainer(c.ID()); err != nil && errors.Cause(err) != storage.ErrContainerUnknown {
|
2017-05-21 13:47:01 +00:00
|
|
|
// assume container already umounted
|
2017-07-19 19:03:22 +00:00
|
|
|
logrus.Warnf("failed to stop container %s in pod sandbox %s: %v", c.Name(), sb.ID(), err)
|
2017-05-21 13:47:01 +00:00
|
|
|
}
|
2016-11-22 22:23:01 +00:00
|
|
|
}
|
2017-07-20 17:05:12 +00:00
|
|
|
s.ContainerStateToDisk(c)
|
2016-11-22 22:23:01 +00:00
|
|
|
}
|
|
|
|
|
2017-07-19 19:03:22 +00:00
|
|
|
if err := label.ReleaseLabel(sb.ProcessLabel()); err != nil {
|
2017-05-21 13:47:01 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// unmount the shm for the pod
|
2017-07-19 19:03:22 +00:00
|
|
|
if sb.ShmPath() != "/dev/shm" {
|
2017-05-21 13:47:01 +00:00
|
|
|
// we got namespaces in the form of
|
|
|
|
// /var/run/containers/storage/overlay-containers/CID/userdata/shm
|
|
|
|
// but /var/run on most system is symlinked to /run so we first resolve
|
|
|
|
// the symlink and then try and see if it's mounted
|
2017-07-19 19:03:22 +00:00
|
|
|
fp, err := symlink.FollowSymlinkInScope(sb.ShmPath(), "/")
|
2017-05-21 13:47:01 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if mounted, err := mount.Mounted(fp); err == nil && mounted {
|
|
|
|
if err := unix.Unmount(fp, unix.MNT_DETACH); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2017-08-02 15:17:45 +00:00
|
|
|
if err := s.StorageRuntimeServer().StopContainer(sb.ID()); err != nil && errors.Cause(err) != storage.ErrContainerUnknown {
|
2017-07-19 19:03:22 +00:00
|
|
|
logrus.Warnf("failed to stop sandbox container in pod sandbox %s: %v", sb.ID(), err)
|
2017-05-21 13:47:01 +00:00
|
|
|
}
|
|
|
|
|
2017-08-16 22:42:20 +00:00
|
|
|
sb.SetStopped()
|
2017-11-09 10:10:35 +00:00
|
|
|
resp = &pb.StopPodSandboxResponse{}
|
2017-08-17 21:27:29 +00:00
|
|
|
logrus.Debugf("StopPodSandboxResponse %s: %+v", sb.ID(), resp)
|
2016-11-22 22:23:01 +00:00
|
|
|
return resp, nil
|
|
|
|
}
|
2017-05-15 14:30:50 +00:00
|
|
|
|
|
|
|
// StopAllPodSandboxes removes all pod sandboxes
|
|
|
|
func (s *Server) StopAllPodSandboxes() {
|
|
|
|
logrus.Debugf("StopAllPodSandboxes")
|
2017-07-25 15:12:53 +00:00
|
|
|
for _, sb := range s.ContainerServer.ListSandboxes() {
|
2017-05-15 14:30:50 +00:00
|
|
|
pod := &pb.StopPodSandboxRequest{
|
2017-07-19 19:03:22 +00:00
|
|
|
PodSandboxId: sb.ID(),
|
2017-05-15 14:30:50 +00:00
|
|
|
}
|
|
|
|
if _, err := s.StopPodSandbox(nil, pod); err != nil {
|
2017-07-19 19:03:22 +00:00
|
|
|
logrus.Warnf("could not StopPodSandbox %s: %v", sb.ID(), err)
|
2017-05-15 14:30:50 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|