Skip to content

Commit 0a0702f

Browse files
committed
shim: mark container stopped on kill of a saved/migrated sandbox
A bare no-op return on kill of a saved/migrated sandbox (whose local VM has already been handed off) leaves the container RUNNING, so the kubelet loops StopContainer and never reaches RemovePodSandbox; the source pod then hangs Terminating with a live shim. Mark the container STOPPED so the kubelet observes termination and finalizes the pod, mirroring the existing agent-unreachable branch. Container-level kill only.
1 parent 3d6a31e commit 0a0702f

1 file changed

Lines changed: 10 additions & 0 deletions

File tree

src/runtime/pkg/containerd-shim-v2/service.go

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1073,6 +1073,16 @@ func (s *service) Kill(ctx context.Context, r *taskAPI.KillRequest) (_ *emptypb.
10731073
"container": c.id,
10741074
"mode": mode.String(),
10751075
}).Debug("sandbox saved/migrated; local VM not running — treating kill as a no-op")
1076+
// #268: like the agent-unreachable branch below, a bare no-op leaves
1077+
// the container RUNNING, so the kubelet loops StopContainer and never
1078+
// reaches RemovePodSandbox — a successful migration SOURCE (ModeMigrated;
1079+
// QEMU already handed off) then hangs Terminating with a live shim.
1080+
// Mark it STOPPED so the kubelet observes termination and finalizes the
1081+
// pod; here the shim stays alive to serve State/Wait/Delete, so the
1082+
// teardown completes cleanly. Container-level kill only (ExecID=="").
1083+
if r.ExecID == "" {
1084+
markContainerStoppedForTeardown(c)
1085+
}
10761086
return empty, nil
10771087
}
10781088
// FR-054 / #254: a teardown SIGKILL/SIGTERM whose in-guest agent is

0 commit comments

Comments
 (0)