From 9e8299eb6e866fa668b15ce34732fc3810ffe88c Mon Sep 17 00:00:00 2001
From: Bogdan Dobrelya <bdobreli@redhat.com>
Date: Wed, 22 Dec 2021 08:53:54 +0100
Subject: [PATCH] Fix killscript regex match for libpod-conmon-*

Whenever a process belongs to libpod-conmon-* scope
instead of libpod-*, wrong container name "conmon" is matched as
the container ID.

That increases memory footprint for neutron-dhcp-agent as it puts
sidecars in an endless loop, since the killscript fails with code 125.
That mostly affects higly loaded systems.

Closes-bug: #1955491
Change-Id: I972fce006c787f91e4a56b1a560d202aa9db46c9
Related: rhbz#2032010
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
(cherry picked from commit 4f7e4fd18997c597d57b1ca398a4f55737d68847)
---
 deployment/neutron/kill-script | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/deployment/neutron/kill-script b/deployment/neutron/kill-script
index d18aaaf456..4112e07924 100644
--- a/deployment/neutron/kill-script
+++ b/deployment/neutron/kill-script
@@ -43,7 +43,7 @@ signal_container() {
 {% raw -%}
 if [ -f /proc/$PID/cgroup ]; then
   # Get container ID based on process cgroups
-  CT_ID=$(awk 'BEGIN {FS="[-.]"} /0::|:pids:/{print $3; exit}' /proc/$PID/cgroup)
+  CT_ID=$(awk 'BEGIN {FS=".scope|-"} /0::|:pids:/ {if ($(NF-1)) print $(NF-1);exit}' /proc/$PID/cgroup)
   CT_NAME=$($CLI inspect -f '{{.Name}}' $CT_ID)
 
   case $SIG in