Destroyed nested container on `attachContainerOutput` failure.
authorAndrei Budnik <abudnik@mesosphere.com>
Tue, 13 Feb 2018 18:53:30 +0000 (10:53 -0800)
committerGreg Mann <gregorywmann@gmail.com>
Tue, 13 Feb 2018 20:10:08 +0000 (12:10 -0800)
After launching a container, the `LAUNCH_NESTED_CONTAINER_SESSION`
handler calls into `attachContainerOutput()`. Previously, if
`attachContainerOutput()` returned an HTTP response code other than
200, we didn't destroy the nested container. From the point of view of
API users, if `LAUNCH_NESTED_CONTAINER_SESSION` returns an error, then
no nested container should be left in the `RUNNING` state. This patch
fixes this issue by destroying the nested container when HTTP errors
are returned by this call to `attachContainerOutput()`.

Review: https://reviews.apache.org/r/65637/

src/slave/http.cpp

index 71e0bbb..a72050d 100644 (file)
@@ -3558,6 +3558,11 @@ Future<Response> Http::launchNestedContainerSession(
         .then(defer(slave->self(),
                     [=](const Response& response) -> Future<Response> {
           if (response.status != OK().status) {
+            LOG(WARNING) << "Failed to attach to nested container "
+                         << containerId << ": '" << response.status << "' ("
+                         << response.body << ")";
+
+            destroy(containerId);
             return response;
           }