libct: reduce the delete delay

abel-von · lifubang · commit cc6459999e3a · 2024-12-08T06:41:24.000Z
When using unix.Kill to kill the container, we need a for loop to detect
the init process exited or not manually, we sleep 100ms each time in the
current, but for stopped containers or containers running in a low load
machine, we don't need to wait so long time. This change will reduce the
delete delay in some situations, especially for those pods with many
containers in.

Co-authored-by: Abel Feng &lt;fshb1988@gmail.com&gt;
Signed-off-by: lfbzhm &lt;lifubang@acmcoder.com&gt;
diff --git a/delete.go b/delete.go
@@ -7,6 +7,7 @@ import (
 	"path/filepath"
 
 	"github.com/opencontainers/runc/libcontainer"
+	"github.com/opencontainers/runc/libcontainer/configs"
 	"github.com/urfave/cli"
 )
 
@@ -58,24 +59,27 @@ status of "ubuntu01" as "stopped" the following will delete resources held for
 			}
 			return err
 		}
-		// When --force is given, we kill all container processes and
-		// then destroy the container. This is done even for a stopped
-		// container, because (in case it does not have its own PID
-		// namespace) there may be some leftover processes in the
-		// container's cgroup.
-		if force {
-			return killAndDestroy(container)
-		}
 		s, err := container.Status()
 		if err != nil {
 			return err
 		}
 		switch s {
 		case libcontainer.Stopped:
+			// For a stopped container, because (in case it does not have
+			// its own PID namespace) there may be some leftover processes
+			// in the container's cgroup.
+			if !container.Config().Namespaces.IsPrivate(configs.NEWPID) {
+				return killAndDestroy(container)
+			}
 			return container.Destroy()
 		case libcontainer.Created:
 			return killAndDestroy(container)
 		default:
+			// When --force is given, we kill all container processes and
+			// then destroy the container.
+			if force {
+				return killAndDestroy(container)
+			}
 			return fmt.Errorf("cannot delete container %s that is not stopped: %s", id, s)
 		}
 	},
diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
@@ -473,6 +473,15 @@ func (c *Container) killViaPidfd() error {
 
 func (c *Container) kill() error {
 	_ = c.Signal(unix.SIGKILL)
+
+	// For containers running in a low load machine, we only need to wait about 1ms.
+	time.Sleep(time.Millisecond)
+	if err := c.Signal(unix.Signal(0)); err != nil {
+		return nil
+	}
+
+	// For some containers in a heavy load machine, we need to wait more time.
+	logrus.Debugln("We need more time to wait the init process exit.")
 	for i := 0; i < 100; i++ {
 		time.Sleep(100 * time.Millisecond)
 		if err := c.Signal(unix.Signal(0)); err != nil {
