[Devel] [PATCH rh7] cgroups: Drop virtualization code, v5

Konstantin Khorenko khorenko at odin.com
Thu May 7 14:41:02 PDT 2015


Ok, i'm applying this version.

We still have following issues to address:

1) what should be shown in /proc/cgroups inside a CT and how
   https://jira.sw.ru/browse/PSBM-33400

2) we need a list of cgroups, creating sub-cgroups of which might make troubles for the Node as a whole
   For now we keep in mind only memcg. Any others?
   We need to limit the number of sub-cgroups of those kinds by some reasonable defaults (Volodya, how many memory subcgroups might give us noticeable performance degradation?),
   and optionally create new corresponding per-CT parameter in userspace (but this can be done later in case default is high enough and we won't hit it soon).
   https://jira.sw.ru/browse/PSBM-33401


--
Best regards,

Konstantin Khorenko,
Virtuozzo Linux Kernel Team

On 05/07/2015 05:54 PM, Vladimir Davydov wrote:
> On Thu, May 07, 2015 at 05:01:42PM +0300, Cyrill Gorcunov wrote:
>> Here we rip off all the virtualization code we introduced into kernel to
>> behave close to rhel6.
>>
>> Because we're trying a new concept (bindmounting from the node) it is
>> no longer needed.
>>
>> Now some details:
>>
>>  - drop cgroup_show_path -- we don't hide VEID in /proc/self/cgroup output,
>>    it doesn't break criu so no need to carry it, same applies to changes
>>    in cgroup_path;
>>
>>  - because we drop virtualization of systemd -- disable creation of new
>>    hierarchies in container: we don't support it, neither we need it. The
>>    primary reason why we allowed new hierarchies in container was that
>>    CRIU has been running restore procedure inside VE but now we initiate
>>    restore from VE0, so we can safely disable new hierarchies;
>>
>>  - in cgroup_addrm_files go back to former RHEL7 code; if we need something
>>    special here it must be reviewed carefully and separately;
>>
>>  - no need to hide /proc/cgroups in VE, there is no sensible info present.
>>
>> v2:
>>  - take into account commits 38f039db6e023ac14517219ad6f674633c4e99ca
>>    and c2ac6df22b20389ae2d0af49c436b00ff3243e89 removing cgroup_is_disposable,
>>    cgroup_kernel_destroy, ve::ve_cgroup_head.
>>
>>  - drop GRPP_WEAK, CGRP_SELF_DESTRUCTION and CGRP_VE_TOP_CGROUP_VIRTUAL flags
>>    which implies the cgroups no longer auto-cleaned up but user-space tool
>>    (read vzctl and friends) should handle cgroups removal
>>
>>  - because we're moving to native cgroups code we don't virtualize release
>>    agent anymore
>>
>>  - still cgroup::cgroup_ve member is needed because we're using it
>>    all over the code
>>
>> v3:
>>  - move back ve_offline, we need to free ve id
>>
>> v4:
>> - use native call_usermodehelper in release_agent execution, we don't
>>   virtualized cgroups, but I kept error code and pr_warn so it would
>>   be easier identify problems if ever
>> - drop cgroup::cgroup_ve member, no longer used
>> - drop unused cgroup_kernel_destory
>>
>> v5:
>>  - disable mounting of cgroups inside VE
>>  - disable modifying toplevel bindmount cgroup
>>    files from inside of container, except ve cgroup,
>>    where we need to write "START" to kick container to
>>    run (probably we will need more control here for
>>    "restore" via CRIU case, hasn't investigated it
>>    yet)
>>  - drop redundant @cgrp from ve_offline
>>
>> Signed-off-by: Cyrill Gorcunov <gorcunov at odin.com>
>> CC: Vladimir Davydov <vdavydov at odin.com>
>> CC: Konstantin Khorenko <khorenko at odin.com>
>> CC: Pavel Emelyanov <xemul at odin.com>
>> CC: Andrey Vagin <avagin at odin.com>
> 
> Acked-by: Vladimir Davydov <vdavydov at parallels.com>
> _______________________________________________
> Devel mailing list
> Devel at openvz.org
> https://lists.openvz.org/mailman/listinfo/devel
> 



More information about the Devel mailing list