-
Notifications
You must be signed in to change notification settings - Fork 256
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pause container always runs ping.exe #1576
Comments
Oh for argon. Yea this is a bug for sure |
Fix considered for resolving this issue is as follows: Check if entrypoint is the same as the default entrypoint for nanoserver and servercore images which is "c:\windows\system32\cmd.exe". Please note, that with this approach we override with ping.exe ONLY if the entrypoint of image is same as the default for nanoserver and servercore images, which is "c:\windows\system32\cmd.exe". If a new pause image is built with nanoserver/servercore as the base image and a different entrypoint such as "cmd.exe" or "windows/system32/cmd.exe" etc are used, then this fix could breaking as we will not be overriding with ping.exe PR for this: #1615 |
Has anyone found a way of working around this on AKS? Or, I guess more accurately, what version includes that PR? We're finding that PING.EXE launched inside the pause container gradually leaks memory, which after a few weeks causes kubelet to restart suddenly, breaking our disruption budgets. |
Unfortunately it seems it's not possible to override the pause container image on Azure Kubernetes (even if you manually tag over the pause images and the local Indeed until this issue is fixed, long-running containers on Windows Server 2022 will eventually be killed (when PING.EXE is OOM killed) Upon inspecting the contents of the pause container, I can see a copy of |
This issue was fixed in #1634 to use pause.exe by default. This fix should be available on AKS soon. |
cc @AbelHu |
AKS has picked up Windows containerd v1.6.21 which has contained this fix https://github.com/microsoft/hcsshim/pull/1634/files |
createPod()
always runscmd /c ping -t 127.0.0.1 > nul
for the pause container for Windows process isolated pods.https://github.com/microsoft/hcsshim/blob/main/cmd/containerd-shim-runhcs-v1/pod.go#L240-L245
Kubernetes maintains a Windows pause image that is supposed to run
pause.exe
instead ofping.exe
.ping.exe
creates unnecessary I/O which can cause performance issues on machines running large numbers of pods/containers.The text was updated successfully, but these errors were encountered: