[Devel] [Q rh7] ve.legacy_veid

[Vladimir Davydov]

Hi,

As you know, we are in the process of switching from numeric VEID to
UUID. However, there are still lots of legacy interfaces (ioctls) that
want VEID. To avoid extending them to take UUID instead of VEID, we
introduced ve.legacy_veid, which is a pseudo file of the VE cgroup
containing VEID assigned to the cgroup. VEID is assigned as follows: if
the cgroup name can be parsed as unsigned int than assign legacy_veid to
the parsed value, otherwise allocate a unique ID >= INT_MAX/2. The
userspace is meant to use ve.legacy_veid when accessing a new cgroup via
an old interface.

The problem is some data looked up by VEID can outlive the corresponding
container. An example is /proc/vz/venetstat, whose entries live until
container destruction. Since we currently remove all cgroups, including
the VE cgroup, on container stop, container restart will result in
regenerating ve.legacy_veid and cluttering /proc/vz/venetstat. We should
fix this somehow.

After discussion with Igor and Konstantin, we've found three ways of
fixing the issue:

1. Get rid of ve.legacy_veid and switch all kernel interfaces to UUID.
This will require massive patching of the kernel.

2. Convert UUID to VEID in kernel in a stable fashion (e.g. take first
32 bits of UUID) and hope there will be no UUID conflicts. Or allow
userspace to write to ve.legacy_veid.

3. Do not remove cgroups on container stop. Only remove them on
container destruction.

Personally, I would vote for #3 as the least intrusive way. Cgroup
directories are not that fat to purge them on each CT stop, IMO.

Any thoughts?

Thanks,
Vladimir