From 0a0d5ba9663ca05bfa681a9a4db224ce9265dd3a Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 22 Dec 2021 08:53:54 +0100 Subject: [PATCH] Fix killscript regex match for libpod-conmon-* Whenever a process belongs to libpod-conmon-* scope instead of libpod-*, wrong container name "conmon" is matched as the container ID. That increases memory footprint for neutron-dhcp-agent as it puts sidecars in an endless loop, since the killscript fails with code 125. That mostly affects higly loaded systems. Closes-bug: #1955491 Change-Id: I972fce006c787f91e4a56b1a560d202aa9db46c9 Related: rhbz#2032010 Signed-off-by: Bogdan Dobrelya (cherry picked from commit 947b18cf44f2755b260104f4207add70111e5116) --- deployment/neutron/kill-script | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/neutron/kill-script b/deployment/neutron/kill-script index f57e2d00f1..4f5c6ad573 100644 --- a/deployment/neutron/kill-script +++ b/deployment/neutron/kill-script @@ -52,7 +52,7 @@ signal_container() { {% raw -%} if [ -f /proc/$PID/cgroup ]; then # Get container ID based on process cgroups - CT_ID=$(awk 'BEGIN {FS="[-.]"} /:pids:/{print $3}' /proc/$PID/cgroup) + CT_ID=$(awk 'BEGIN {FS=".scope|-"} /0::|:pids:/ {if ($(NF-1)) print $(NF-1);exit}' /proc/$PID/cgroup) CT_NAME=$($CLI inspect -f '{{.Name}}' $CT_ID) case $SIG in