[lxc-devel] [PATCH 2/4] cgroup: Split legacy 'ns' cgroup handling off from main cgroup handling

Serge Hallyn serge.hallyn at ubuntu.com
Thu Sep 12 15:35:05 UTC 2013


Quoting Christian Seiler (christian at iwakd.de):
> This patch splits off ns legacy cgroup handling from main cgroup
> handling. It moves the creation of the cgroups before clone(), so that
> the child will easily know which cgroups it will later belong to. Since
> this is not possible for the renaming of the 'ns' cgroup, keep that
> part after clone.
> 
> Signed-off-by: Christian Seiler <christian at iwakd.de>

Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>

> ---
>  src/lxc/cgroup.c |   61 +++++++++++++++++++++++++++++++++++-------------------
>  src/lxc/cgroup.h |    3 ++-
>  src/lxc/start.c  |   15 ++++++++++++--
>  3 files changed, 55 insertions(+), 24 deletions(-)
> 
> diff --git a/src/lxc/cgroup.c b/src/lxc/cgroup.c
> index aaee546..ad95fc4 100644
> --- a/src/lxc/cgroup.c
> +++ b/src/lxc/cgroup.c
> @@ -604,7 +604,7 @@ static char *cgroup_rename_nsgroup(const char *mountpath, const char *oldname, p
>  }
>  
>  /* create a new cgroup */
> -extern struct cgroup_process_info *lxc_cgroup_create(const char *name, const char *path_pattern, struct cgroup_meta_data *meta_data, const char *sub_pattern, pid_t pid)
> +extern struct cgroup_process_info *lxc_cgroup_create(const char *name, const char *path_pattern, struct cgroup_meta_data *meta_data, const char *sub_pattern)
>  {
>  	char **cgroup_path_components = NULL;
>  	char **p = NULL;
> @@ -826,27 +826,16 @@ extern struct cgroup_process_info *lxc_cgroup_create(const char *name, const cha
>  
>  	/* we're done, now update the paths */
>  	for (i = 0, info_ptr = base_info; info_ptr; info_ptr = info_ptr->next, i++) {
> -		/*
> -		 * For any path which has ns cgroup mounted, handler->pid is already
> -		 * moved into a container called '%d % (handler->pid)'.  Rename it to
> -		 * the cgroup name and record that.
> +		/* ignore legacy 'ns' subsystem here, lxc_cgroup_create_legacy
> +		 * will take care of it
> +		 * Since we do a continue in above loop, new_cgroup_paths[i] is
> +		 * unset anyway, as is new_cgroup_paths_sub[i]
>  		 */
> -		if (lxc_string_in_array("ns", (const char **)info_ptr->hierarchy->subsystems)) {
> -			char *tmp = cgroup_rename_nsgroup((const char *)info_ptr->designated_mount_point->mount_point,
> -					info_ptr->cgroup_path, pid, name);
> -			if (!tmp)
> -				goto out_initial_error;
> -			free(info_ptr->cgroup_path);
> -			info_ptr->cgroup_path = tmp;
> -			r = lxc_grow_array((void ***)&info_ptr->created_paths, &info_ptr->created_paths_capacity, info_ptr->created_paths_count + 1, 8);
> -			if (r < 0)
> -				goto out_initial_error;
> -			info_ptr->created_paths[info_ptr->created_paths_count++] = strdup(tmp);
> -		} else {
> -			free(info_ptr->cgroup_path);
> -			info_ptr->cgroup_path = new_cgroup_paths[i];
> -			info_ptr->cgroup_path_sub = new_cgroup_paths_sub[i];
> -		}
> +		if (lxc_string_in_array("ns", (const char **)info_ptr->hierarchy->subsystems))
> +			continue;
> +		free(info_ptr->cgroup_path);
> +		info_ptr->cgroup_path = new_cgroup_paths[i];
> +		info_ptr->cgroup_path_sub = new_cgroup_paths_sub[i];
>  	}
>  	/* don't use lxc_free_array since we used the array members
>  	 * to store them in our result...
> @@ -868,6 +857,36 @@ out_initial_error:
>  	return NULL;
>  }
>  
> +int lxc_cgroup_create_legacy(struct cgroup_process_info *base_info, const char *name, pid_t pid)
> +{
> +	struct cgroup_process_info *info_ptr;
> +	int r;
> +
> +	for (info_ptr = base_info; info_ptr; info_ptr = info_ptr->next) {
> +		if (!lxc_string_in_array("ns", (const char **)info_ptr->hierarchy->subsystems))
> +			continue;
> +		/*
> +		 * For any path which has ns cgroup mounted, handler->pid is already
> +		 * moved into a container called '%d % (handler->pid)'.  Rename it to
> +		 * the cgroup name and record that.
> +		 */
> +		char *tmp = cgroup_rename_nsgroup((const char *)info_ptr->designated_mount_point->mount_point,
> +				info_ptr->cgroup_path, pid, name);
> +		if (!tmp)
> +			return -1;
> +		free(info_ptr->cgroup_path);
> +		info_ptr->cgroup_path = tmp;
> +		r = lxc_grow_array((void ***)&info_ptr->created_paths, &info_ptr->created_paths_capacity, info_ptr->created_paths_count + 1, 8);
> +		if (r < 0)
> +			return -1;
> +		tmp = strdup(tmp);
> +		if (!tmp)
> +			return -1;
> +		info_ptr->created_paths[info_ptr->created_paths_count++] = tmp;
> +	}
> +	return 0;
> +}
> +
>  /* get the cgroup membership of a given container */
>  struct cgroup_process_info *lxc_cgroup_get_container_info(const char *name, const char *lxcpath, struct cgroup_meta_data *meta_data)
>  {
> diff --git a/src/lxc/cgroup.h b/src/lxc/cgroup.h
> index bd2da25..2555390 100644
> --- a/src/lxc/cgroup.h
> +++ b/src/lxc/cgroup.h
> @@ -113,7 +113,8 @@ extern struct cgroup_process_info *lxc_cgroup_process_info_get_init(struct cgrou
>  extern struct cgroup_process_info *lxc_cgroup_process_info_get_self(struct cgroup_meta_data *meta);
>  
>  /* create a new cgroup */
> -extern struct cgroup_process_info *lxc_cgroup_create(const char *name, const char *path_pattern, struct cgroup_meta_data *meta_data, const char *sub_pattern, int pid);
> +extern struct cgroup_process_info *lxc_cgroup_create(const char *name, const char *path_pattern, struct cgroup_meta_data *meta_data, const char *sub_pattern);
> +extern int lxc_cgroup_create_legacy(struct cgroup_process_info *base_info, const char *name, pid_t pid);
>  
>  /* get the cgroup membership of a given container */
>  extern struct cgroup_process_info *lxc_cgroup_get_container_info(const char *name, const char *lxcpath, struct cgroup_meta_data *meta_data);
> diff --git a/src/lxc/start.c b/src/lxc/start.c
> index 6e95ff1..56a2e6b 100644
> --- a/src/lxc/start.c
> +++ b/src/lxc/start.c
> @@ -663,6 +663,14 @@ int lxc_spawn(struct lxc_handler *handler)
>  	if (!cgroup_pattern)
>  		cgroup_pattern = "%n";
>  
> +	/* Create cgroup before doing clone(), so the child will know from
> +	 * handler which cgroup it is going to be put in later.
> +	 */
> +	if ((handler->cgroup = lxc_cgroup_create(name, cgroup_pattern, cgroup_meta, NULL)) == NULL) {
> +		ERROR("failed to create cgroups for '%s'", name);
> +		goto out_delete_net;
> +	}
> +
>  	/*
>  	 * if the rootfs is not a blockdev, prevent the container from
>  	 * marking it readonly.
> @@ -684,8 +692,11 @@ int lxc_spawn(struct lxc_handler *handler)
>  	if (lxc_sync_wait_child(handler, LXC_SYNC_CONFIGURE))
>  		failed_before_rename = 1;
>  
> -	if ((handler->cgroup = lxc_cgroup_create(name, cgroup_pattern, cgroup_meta, NULL, handler->pid)) == NULL) {
> -		ERROR("failed to create cgroups for '%s'", name);
> +	/* In case there is still legacy ns cgroup support in the kernel.
> +	 * Should be removed at some later point in time.
> +	 */
> +	if (lxc_cgroup_create_legacy(handler->cgroup, name, handler->pid) < 0) {
> +		ERROR("failed to create legacy ns cgroups for '%s'", name);
>  		goto out_delete_net;
>  	}
>  
> -- 
> 1.7.10.4
> 
> 
> ------------------------------------------------------------------------------
> How ServiceNow helps IT people transform IT departments:
> 1. Consolidate legacy IT systems to a single system of record for IT
> 2. Standardize and globalize service processes across IT
> 3. Implement zero-touch automation to replace manual, redundant tasks
> http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel




More information about the lxc-devel mailing list