Description
When a container is created in a namespace, a top level cgroup directory is created for that namespace. When all resources are removed from a namespace, and the namespace is deleted, the corresponding top level cgroup directory remains.
Steps to reproduce the issue:
The following uses utilities from the cgroup-tools Debian package.
- Create a namespace, pull an image and run a container.
ctr namespace create llama
ctr -n llama image pull docker.io/library/debian:buster
ctr -n llama run -d docker.io/library/debian:buster buster /bin/true
- Observe the cgroup directory structure created
net_cls,net_prio:/llama
net_cls,net_prio:/llama/buster
cpu,cpuacct:/llama
cpu,cpuacct:/llama/buster
blkio:/llama
blkio:/llama/buster
cpuset:/llama
cpuset:/llama/buster
memory:/llama
memory:/llama/buster
pids:/llama
pids:/llama/buster
devices:/llama
devices:/llama/buster
freezer:/llama
freezer:/llama/buster
perf_event:/llama
perf_event:/llama/buster
- Delete the image, container and namespace
ctr -n llama image rm --sync docker.io/library/debian:buster
ctr -n llama c rm buster
ctr namespace rm llama
- Observe the cgroup directory structure that still exists
net_cls,net_prio:/llama
cpu,cpuacct:/llama
blkio:/llama
cpuset:/llama
memory:/llama
pids:/llama
devices:/llama
freezer:/llama
perf_event:/llama
Describe the results you received:
cgroup top level directories that are created for containers in namespaces to not get deleted with the corresponding containerd namespace.
Describe the results you expected:
cgroup top level directory gets deleted when corresponding containerd namespace gets deleted.
Output of containerd --version:
containerd github.com/containerd/containerd v1.2.2 9754871865f7fe2f4e74d43e2fc7ccd237edcbce
Description
When a container is created in a namespace, a top level cgroup directory is created for that namespace. When all resources are removed from a namespace, and the namespace is deleted, the corresponding top level cgroup directory remains.
Steps to reproduce the issue:
The following uses utilities from the
cgroup-toolsDebian package.lscgroup | grep llamalscgroup | grep llamaDescribe the results you received:
cgroup top level directories that are created for containers in namespaces to not get deleted with the corresponding containerd namespace.
Describe the results you expected:
cgroup top level directory gets deleted when corresponding containerd namespace gets deleted.
Output of
containerd --version: