[Devel] [PATCH rh7] cgroups: Drop virtualization code, v5

Vladimir Davydov vdavydov at parallels.com
Thu May 7 07:54:32 PDT 2015 

On Thu, May 07, 2015 at 05:01:42PM +0300, Cyrill Gorcunov wrote:
> Here we rip off all the virtualization code we introduced into kernel to
> behave close to rhel6.
> 
> Because we're trying a new concept (bindmounting from the node) it is
> no longer needed.
> 
> Now some details:
> 
>  - drop cgroup_show_path -- we don't hide VEID in /proc/self/cgroup output,
>    it doesn't break criu so no need to carry it, same applies to changes
>    in cgroup_path;
> 
>  - because we drop virtualization of systemd -- disable creation of new
>    hierarchies in container: we don't support it, neither we need it. The
>    primary reason why we allowed new hierarchies in container was that
>    CRIU has been running restore procedure inside VE but now we initiate
>    restore from VE0, so we can safely disable new hierarchies;
> 
>  - in cgroup_addrm_files go back to former RHEL7 code; if we need something
>    special here it must be reviewed carefully and separately;
> 
>  - no need to hide /proc/cgroups in VE, there is no sensible info present.
> 
> v2:
>  - take into account commits 38f039db6e023ac14517219ad6f674633c4e99ca
>    and c2ac6df22b20389ae2d0af49c436b00ff3243e89 removing cgroup_is_disposable,
>    cgroup_kernel_destroy, ve::ve_cgroup_head.
> 
>  - drop GRPP_WEAK, CGRP_SELF_DESTRUCTION and CGRP_VE_TOP_CGROUP_VIRTUAL flags
>    which implies the cgroups no longer auto-cleaned up but user-space tool
>    (read vzctl and friends) should handle cgroups removal
> 
>  - because we're moving to native cgroups code we don't virtualize release
>    agent anymore
> 
>  - still cgroup::cgroup_ve member is needed because we're using it
>    all over the code
> 
> v3:
>  - move back ve_offline, we need to free ve id
> 
> v4:
> - use native call_usermodehelper in release_agent execution, we don't
>   virtualized cgroups, but I kept error code and pr_warn so it would
>   be easier identify problems if ever
> - drop cgroup::cgroup_ve member, no longer used
> - drop unused cgroup_kernel_destory
> 
> v5:
>  - disable mounting of cgroups inside VE
>  - disable modifying toplevel bindmount cgroup
>    files from inside of container, except ve cgroup,
>    where we need to write "START" to kick container to
>    run (probably we will need more control here for
>    "restore" via CRIU case, hasn't investigated it
>    yet)
>  - drop redundant @cgrp from ve_offline
> 
> Signed-off-by: Cyrill Gorcunov <gorcunov at odin.com>
> CC: Vladimir Davydov <vdavydov at odin.com>
> CC: Konstantin Khorenko <khorenko at odin.com>
> CC: Pavel Emelyanov <xemul at odin.com>
> CC: Andrey Vagin <avagin at odin.com>

Acked-by: Vladimir Davydov <vdavydov at parallels.com>

More information about the Devel mailing list