You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Jan Schlicht (JIRA)" <ji...@apache.org> on 2018/08/14 13:36:00 UTC
[jira] [Created] (MESOS-9153) Failures when isolating cgroups can
leak containers
Jan Schlicht created MESOS-9153:
-----------------------------------
Summary: Failures when isolating cgroups can leak containers
Key: MESOS-9153
URL: https://issues.apache.org/jira/browse/MESOS-9153
Project: Mesos
Issue Type: Bug
Affects Versions: 1.5.1
Reporter: Jan Schlicht
Attachments: health_check_leak.txt
When the isolation of cgroups fail (e.g., if cgroup hierarchies changed, as described in [MESOS-3488|https://issues.apache.org/jira/browse/MESOS-3488]) this will lead to a leaked container. Maybe only for nested container. The attached log is a {{VLOG(2)}} logs of a nested container that's started as part of a command health check for Kafka. I've removed all log lines unrelated to this container. Also, the cgroup hierarchy has been manipulated, to run into MESOS-3488.
The linux launcher fails while the containerizer is in {{ISOLATING}} state. The containerizer transitions to {{DESTROYING}} and tries to cleanup the isolators. The isolators ignore the cleanup requests, because the container ID seems to be unknown to them. In case of the Linux Filesystem Isolator, this leads to the container directory not getting cleaned up.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)