From e8a4f2e133c3a7fb4a2dceb6675ebc57ea4f7350 Mon Sep 17 00:00:00 2001 From: Nicolas Lacasse Date: Tue, 14 Aug 2018 16:24:46 -0700 Subject: runsc: Change cache policy for root fs and volume mounts. Previously, gofer filesystems were configured with the default "fscache" policy, which caches filesystem metadata and contents aggressively. While this setting is best for performance, it means that changes from inside the sandbox may not be immediately propagated outside the sandbox, and vice-versa. This CL changes volumes and the root fs configuration to use a new "remote-revalidate" cache policy which tries to retain as much caching as possible while still making fs changes visible across the sandbox boundary. This cache policy is enabled by default for the root filesystem. The default value for the "--file-access" flag is still "proxy", but the behavior is changed to use the new cache policy. A new value for the "--file-access" flag is added, called "proxy-exclusive", which turns on the previous aggressive caching behavior. As the name implies, this flag should be used when the sandbox has "exclusive" access to the filesystem. All volume mounts are configured to use the new cache policy, since it is safest and most likely to be correct. There is not currently a way to change this behavior, but it's possible to add such a mechanism in the future. The configurability is a smaller issue for volumes, since most of the expensive application fs operations (walking + stating files) will likely served by the root fs. PiperOrigin-RevId: 208735037 Change-Id: Ife048fab1948205f6665df8563434dbc6ca8cfc9 --- runsc/test/testutil/testutil.go | 1 + 1 file changed, 1 insertion(+) (limited to 'runsc/test') diff --git a/runsc/test/testutil/testutil.go b/runsc/test/testutil/testutil.go index 4e7ab3760..d2b39b58c 100644 --- a/runsc/test/testutil/testutil.go +++ b/runsc/test/testutil/testutil.go @@ -81,6 +81,7 @@ func TestConfig() *boot.Config { Network: boot.NetworkNone, Strace: true, MultiContainer: true, + FileAccess: boot.FileAccessProxyExclusive, } } -- cgit v1.2.3