diff --git a/oci/oci.go b/oci/oci.go
index e9babb7f..b34b00a2 100644
--- a/oci/oci.go
+++ b/oci/oci.go
@@ -151,7 +151,7 @@ func getOCIVersion(name string, args ...string) (string, error) {
 }
 
 // CreateContainer creates a container.
-func (r *Runtime) CreateContainer(c *Container, cgroupParent string) error {
+func (r *Runtime) CreateContainer(c *Container, cgroupParent string) (err error) {
 	var stderrBuf bytes.Buffer
 	parentPipe, childPipe, err := newPipe()
 	childStartPipe, parentStartPipe, err := newPipe()
@@ -248,6 +248,13 @@ func (r *Runtime) CreateContainer(c *Container, cgroupParent string) error {
 		return err
 	}
 
+	// We will delete all container resources if creation fails
+	defer func() {
+		if err != nil {
+			r.DeleteContainer(c)
+		}
+	}()
+
 	// Wait to get container pid from conmon
 	type syncStruct struct {
 		si  *syncInfo