[lxc-devel] [RFC] [PATCH 0/6] Major cgroup logic rewrite

[Serge Hallyn]

Quoting Christian Seiler (christian at iwakd.de):
> Hi all,
> 
> As discussed previously, I've now done a major rewrite of the entire
> cgroup logic. There are now no assumptions made whatsoever when it
> comes to the cgroup mount points, the kernel information will be used
> to determine the proper locations for everything. (Only /proc is
> assumed to be working properly.)
> 
> The patch series can also be found at my github under
> <https://github.com/chris-se/lxc/tree/cgroup-major-rewrite>
> 
> I ended up almost completely rewriting cgroup.c to make it fit the new
> scheme. For this reason, for the last patch for cgroup.[ch] it's
> probably better to look at the new version and not the diff.
> 
> I did test the whole enchilada quite a bit, but I'm very sure that
> there are a lot more bugs in there. What does work:
> 
>  - lxc-start (and -info, -stop)
>  - Choosing $name-1, $name-2, ... as cgroup if $name is already used up
>  - lxc-attach
>  - lxc-freeze / lxc-unfreeze
>  - lxc-stop -k on a frozen container
>  - All subsystems mounted together in /sys/fs/cgroup directly
>  - All subsystems mounted into different subdirectories beneath
>    /sys/fs/cgroup
>  - Although I didn't try actual nesting, on the systems with
>    subsystems together in /sys/fs/cgroup I did:
>       mkdir /sys/fs/cgroup/init /foo
>       echo 1 > /sys/fs/cgroup/init/tasks
>       mount --bind /sys/fs/cgroup/init /foo
>       umount /sys/fs/cgroup
>       mount --bind /foo /sys/fs/cgroup
>       umount /foo
>    And then lxc-start, which worked and correctly put the container
>    in the /init/lxc/$name cgroup. This means that even with the current
>    mountcgroups hook nesting should work (although as discussed before,
>    the current mountcgroups logic breaks other software relying on
>    cgroups [1])
> 
> Known issues:
> 
>  - Sometimes cgroup cleanup doesn't work 100%, sometimes cgroups are
>    left behind. With the name collision avoidance this isn't a

Thanks, Christian.  I did need the trivial white-space-damaged patch below, but
with that it built and ran for me, both with %n and default (/lxc/%n) patterns.
This was in a nested container, I haven't tested at host level but have no
reason to think that would fail if nested worked :)

However I didn't get occasional cgroups left behind - every cgroup was left
behind in my case.  I'll take another look.  I am to send acks and push
tomorrow.

thanks,
-serge

diff --git a/src/lxc/cgroup.c b/src/lxc/cgroup.c
index 288aa2e..86d89e9 100644
--- a/src/lxc/cgroup.c
+++ b/src/lxc/cgroup.c
@@ -538,7 +538,7 @@ struct cgroup_process_info *lxc_cgroup_process_info_get_self(struct cgroup_meta_
 /* create a new cgroup */
 extern struct cgroup_process_info *lxc_cgroup_create(const char *name, const char *path_pattern, struct cgroup_meta_data *meta_data, const char *sub_pattern)
 {
-       char **cgroup_path_components;
+       char **cgroup_path_components = NULL;
        char **p = NULL;
        char *path_so_far = NULL;
        char **new_cgroup_paths = NULL;