runtime: remove stream copy infinite loop

This reverts commit 1c5693be86.

Avoid apparent infinite loop when ReadStreamRequest is blocked by
policy - for some of the pods.

When running the k8s-limit-range.bats test with Policy enabled,
the Shim + VMM never get terminated on my cluster. Not sure why
the sandbox clean-up works better for other tests, but the
k8s-limit-range test pod gets stuck in an infinite loop:

stdout io stream copy error happens: error = %wrpc error: code =
PermissionDenied desc = \"ReadStreamRequest is blocked by policy

...

policy check: ReadStreamRequest

...

stdout io stream copy error happens: error = %wrpc error: code =
PermissionDenied desc = \"ReadStreamRequest is blocked by policy

...

policy check: ReadStreamRequest

...

Fixes: #9380

Signed-off-by: Dan Mihai <dmihai@microsoft.com>
This commit is contained in:
Dan Mihai 2024-03-28 00:01:31 +00:00
parent ebb26edf42
commit 600f9266f3

View File

@ -10,9 +10,7 @@ import (
"fmt"
"io"
"net/url"
"strings"
"sync"
"time"
"github.com/sirupsen/logrus"
)
@ -127,20 +125,7 @@ func ioCopy(shimLog *logrus.Entry, exitch, stdinCloser chan struct{}, tty *ttyIO
shimLog.Debug("stdout io stream copy started")
p := bufPool.Get().(*[]byte)
defer bufPool.Put(p)
for {
var _, err = io.CopyBuffer(tty.io.Stdout(), stdoutPipe, *p)
if err != nil {
shimLog.Debug("stdout io stream copy error happens: error = %w", err.Error())
if !strings.Contains(err.Error(), "blocked by policy") {
break
}
time.Sleep(1 * time.Second)
} else {
break
}
}
io.CopyBuffer(tty.io.Stdout(), stdoutPipe, *p)
if tty.io.Stdin() != nil {
// close stdin to make the other routine stop
tty.io.Stdin().Close()