diff options
author | Andrei Vagin <avagin@gmail.com> | 2021-10-29 16:57:11 +0100 |
---|---|---|
committer | Daniel Dao <dqminh89@gmail.com> | 2021-11-01 11:06:16 +0000 |
commit | 588a28be53e191107569056b5352df60872bc45b (patch) | |
tree | c390d00d0b439abf23ae6d48637f18c65669381e /runsc/container | |
parent | 1953d2ad28d405a3ab028feba7b6fca18339e9be (diff) |
Add common Cgroup interface
This is part of cgroupv2 patch set. Here we add a Cgroup interface that
both v1 and v2 need to conform to, and port cgroupv1 to use that first.
Signed-off-by: Daniel Dao <dqminh89@gmail.com>
Diffstat (limited to 'runsc/container')
-rw-r--r-- | runsc/container/container.go | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/runsc/container/container.go b/runsc/container/container.go index 77a0f7eba..bee37e1b3 100644 --- a/runsc/container/container.go +++ b/runsc/container/container.go @@ -123,7 +123,7 @@ type Container struct { // Note that CompatCgroup is created only for compatibility with tools // that expect container cgroups to exist. Setting limits here makes no change // to the container in question. - CompatCgroup *cgroup.Cgroup `json:"compatCgroup"` + CompatCgroup cgroup.CgroupJSON `json:"compatCgroup"` // Saver handles load from/save to the state file safely from multiple // processes. @@ -249,7 +249,7 @@ func New(conf *config.Config, args Args) (*Container, error) { if err != nil { return nil, err } - c.CompatCgroup = subCgroup + c.CompatCgroup = cgroup.CgroupJSON{Cgroup: subCgroup} if err := runInCgroup(parentCgroup, func() error { ioFiles, specFile, err := c.createGoferProcess(args.Spec, conf, args.BundleDir, args.Attached) if err != nil { @@ -297,7 +297,7 @@ func New(conf *config.Config, args Args) (*Container, error) { if err != nil { return nil, err } - c.CompatCgroup = subCgroup + c.CompatCgroup = cgroup.CgroupJSON{Cgroup: subCgroup} // If the console control socket file is provided, then create a new // pty master/slave pair and send the TTY to the sandbox process. @@ -365,7 +365,7 @@ func (c *Container) Start(conf *config.Config) error { } else { // Join cgroup to start gofer process to ensure it's part of the cgroup from // the start (and all their children processes). - if err := runInCgroup(c.Sandbox.Cgroup, func() error { + if err := runInCgroup(c.Sandbox.CgroupJSON.Cgroup, func() error { // Create the gofer process. goferFiles, mountsFile, err := c.createGoferProcess(c.Spec, conf, c.BundleDir, false) if err != nil { @@ -784,7 +784,7 @@ func (c *Container) saveLocked() error { // root containers), and waits for the container or sandbox and the gofer // to stop. If any of them doesn't stop before timeout, an error is returned. func (c *Container) stop() error { - var parentCgroup *cgroup.Cgroup + var parentCgroup cgroup.Cgroup if c.Sandbox != nil { log.Debugf("Destroying container, cid: %s", c.ID) @@ -793,7 +793,7 @@ func (c *Container) stop() error { } // Only uninstall parentCgroup for sandbox stop. if c.Sandbox.IsRootContainer(c.ID) { - parentCgroup = c.Sandbox.Cgroup + parentCgroup = c.Sandbox.CgroupJSON.Cgroup } // Only set sandbox to nil after it has been told to destroy the container. c.Sandbox = nil @@ -813,8 +813,8 @@ func (c *Container) stop() error { } // Delete container cgroup if any. - if c.CompatCgroup != nil { - if err := c.CompatCgroup.Uninstall(); err != nil { + if c.CompatCgroup.Cgroup != nil { + if err := c.CompatCgroup.Cgroup.Uninstall(); err != nil { return err } } @@ -1059,7 +1059,7 @@ func isRoot(spec *specs.Spec) bool { // runInCgroup executes fn inside the specified cgroup. If cg is nil, execute // it in the current context. -func runInCgroup(cg *cgroup.Cgroup, fn func() error) error { +func runInCgroup(cg cgroup.Cgroup, fn func() error) error { if cg == nil { return fn() } @@ -1222,8 +1222,8 @@ func (c *Container) populateStats(event *boot.EventOut) { // setupCgroupForRoot configures and returns cgroup for the sandbox and the // root container. If `cgroupParentAnnotation` is set, use that path as the // sandbox cgroup and use Spec.Linux.CgroupsPath as the root container cgroup. -func (c *Container) setupCgroupForRoot(conf *config.Config, spec *specs.Spec) (*cgroup.Cgroup, *cgroup.Cgroup, error) { - var parentCgroup *cgroup.Cgroup +func (c *Container) setupCgroupForRoot(conf *config.Config, spec *specs.Spec) (cgroup.Cgroup, cgroup.Cgroup, error) { + var parentCgroup cgroup.Cgroup if parentPath, ok := spec.Annotations[cgroupParentAnnotation]; ok { var err error parentCgroup, err = cgroup.NewFromPath(parentPath) @@ -1256,7 +1256,7 @@ func (c *Container) setupCgroupForRoot(conf *config.Config, spec *specs.Spec) (* // subcontainers run exclusively inside the sandbox, subcontainer cgroups on the // host have no effect on them. However, some tools (e.g. cAdvisor) uses cgroups // paths to discover new containers and report stats for them. -func (c *Container) setupCgroupForSubcontainer(conf *config.Config, spec *specs.Spec) (*cgroup.Cgroup, error) { +func (c *Container) setupCgroupForSubcontainer(conf *config.Config, spec *specs.Spec) (cgroup.Cgroup, error) { if isRoot(spec) { if _, ok := spec.Annotations[cgroupParentAnnotation]; !ok { return nil, nil @@ -1276,7 +1276,7 @@ func (c *Container) setupCgroupForSubcontainer(conf *config.Config, spec *specs. // For rootless, it's possible that cgroups operations fail, in this case the // error is suppressed and a nil cgroups instance is returned to indicate that // no cgroups was configured. -func cgroupInstall(conf *config.Config, cg *cgroup.Cgroup, res *specs.LinuxResources) (*cgroup.Cgroup, error) { +func cgroupInstall(conf *config.Config, cg cgroup.Cgroup, res *specs.LinuxResources) (cgroup.Cgroup, error) { // TODO(gvisor.dev/issue/3481): Remove when cgroups v2 is supported. if cgroup.IsOnlyV2() { if conf.Rootless { |