[lxc-devel] [lxd/master] network: do not update limits unconditionally

brauner on Github lxc-bot at linuxcontainers.org
Wed Oct 11 08:10:27 UTC 2017 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 921 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20171011/bfa367de/attachment.bin>
-------------- next part --------------
From abe8684cc47e9aa87613dbeeb125cf73c94bd6b6 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 11 Oct 2017 10:02:53 +0200
Subject: [PATCH] network: do not update limits unconditionally

In order to determine whether a given device needs to be updated LXD will diff
the keys and values for the old and the new device settings. If LXD determines
a difference it will append the key and the corresponding value to the device.
If it determines they don't differ the key and value won't be in the updated
devices list that is passed to the the container's update method. So we can
simply rely on checking whether the given key exists in the device that is to
be updated if it isn't we don't need to run the actual update.

Closes #3920.

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 lxd/container.go     |  2 ++
 lxd/container_lxc.go | 17 +++++++++++++++--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/lxd/container.go b/lxd/container.go
index bde60418a..d53d91e19 100644
--- a/lxd/container.go
+++ b/lxd/container.go
@@ -81,6 +81,8 @@ func containerValidConfigKey(os *sys.OS, key string, value string) error {
 	return nil
 }
 
+var containerNetworkLimitKeys = []string{"limits.max", "limits.ingress", "limits.egress"}
+
 func containerValidDeviceConfigKey(t, k string) bool {
 	if k == "type" {
 		return true
diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index ce8918179..535044c74 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -6777,6 +6777,18 @@ func (c *containerLXC) setNetworkLimits(name string, m types.Device) error {
 		return fmt.Errorf("Network limits are only supported on bridged and p2p interfaces")
 	}
 
+	needsUpdate := false
+	for _, v := range containerNetworkLimitKeys {
+		_, needsUpdate = m[v]
+		if needsUpdate {
+			break
+		}
+	}
+
+	if !needsUpdate {
+		return nil
+	}
+
 	// Load the go-lxc struct
 	err := c.initLXC()
 	if err != nil {
@@ -6796,9 +6808,10 @@ func (c *containerLXC) setNetworkLimits(name string, m types.Device) error {
 
 	// Look for the host side interface name
 	veth := c.getHostInterface(m["name"])
-
 	if veth == "" {
-		return fmt.Errorf("LXC doesn't know about this device and the host_name property isn't set, can't find host side veth name")
+		return fmt.Errorf(`LXC doesn't know about this device and the ` +
+			`host_name property isn't set, can't find host side ` +
+			`veth name`)
 	}
 
 	// Apply max limit

More information about the lxc-devel mailing list