diff options
| author | Fabricio Voznika <fvoznika@google.com> | 2018-10-10 08:59:25 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-10-10 09:00:42 -0700 |
| commit | 29cd05a7c66ee8061c0e5cf8e94c4e507dcf33e0 (patch) | |
| tree | 91600ea6944d18c86f41b5f8003311a8c7bd154b /runsc/cmd/boot.go | |
| parent | 20508bafb88d2037ea3b2c8483b191ce72e7ad7e (diff) | |
Add sandbox to cgroup
Sandbox creation uses the limits and reservations configured in the
OCI spec and set cgroup options accordinly. Then it puts both the
sandbox and gofer processes inside the cgroup.
It also allows the cgroup to be pre-configured by the caller. If the
cgroup already exists, sandbox and gofer processes will join the
cgroup but it will not modify the cgroup with spec limits.
PiperOrigin-RevId: 216538209
Change-Id: If2c65ffedf55820baab743a0edcfb091b89c1019
Diffstat (limited to 'runsc/cmd/boot.go')
| -rw-r--r-- | runsc/cmd/boot.go | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/runsc/cmd/boot.go b/runsc/cmd/boot.go index c6f78f63f..d26e92bcd 100644 --- a/runsc/cmd/boot.go +++ b/runsc/cmd/boot.go @@ -59,6 +59,13 @@ type Boot struct { // applyCaps determines if capabilities defined in the spec should be applied // to the process. applyCaps bool + + // cpuNum number of CPUs to create inside the sandbox. + cpuNum int + + // totalMem sets the initial amount of total memory to report back to the + // container. + totalMem uint64 } // Name implements subcommands.Command.Name. @@ -86,6 +93,8 @@ func (b *Boot) SetFlags(f *flag.FlagSet) { f.Var(&b.stdioFDs, "stdio-fds", "list of FDs containing sandbox stdin, stdout, and stderr in that order") f.BoolVar(&b.console, "console", false, "set to true if the sandbox should allow terminal ioctl(2) syscalls") f.BoolVar(&b.applyCaps, "apply-caps", false, "if true, apply capabilities defined in the spec to the process") + f.IntVar(&b.cpuNum, "cpu-num", 0, "number of CPUs to create inside the sandbox") + f.Uint64Var(&b.totalMem, "total-memory", 0, "sets the initial amount of total memory to report back to the container") } // Execute implements subcommands.Command.Execute. It starts a sandbox in a @@ -143,7 +152,19 @@ func (b *Boot) Execute(_ context.Context, f *flag.FlagSet, args ...interface{}) } // Create the loader. - l, err := boot.New(f.Arg(0), spec, conf, b.controllerFD, b.deviceFD, b.ioFDs.GetArray(), b.stdioFDs.GetArray(), b.console) + bootArgs := boot.Args{ + ID: f.Arg(0), + Spec: spec, + Conf: conf, + ControllerFD: b.controllerFD, + DeviceFD: b.deviceFD, + GoferFDs: b.ioFDs.GetArray(), + StdioFDs: b.stdioFDs.GetArray(), + Console: b.console, + NumCPU: b.cpuNum, + TotalMem: b.totalMem, + } + l, err := boot.New(bootArgs) if err != nil { Fatalf("error creating loader: %v", err) } |