[Devel] [PATCH RH7] ve/pid: Export kernel.pid_max via ve cgroup
Konstantin Khorenko
khorenko at virtuozzo.com
Tue Aug 9 06:57:30 PDT 2016
Why we had to virtualize "pid_max": https://jira.sw.ru/browse/PCLIN-27054
In brief: x86_64 node + x86 CT + pid_max > 65536 = non-working ps, top because inode numbers become greater than 32bit and compat_sys_getdents()->compat_filldir() fails to handle them
=> as we still can have 32bit Containers on Virtuozzo 7 (although there are no 32bit templates in vz7 - legacy Containers, migrated from PCS6 are still possible)
=> we have to keep sysctl virtualized for now
=> applying the patch for ease of migration.
--
Best regards,
Konstantin Khorenko,
Virtuozzo Linux Kernel Team
On 07/19/2016 02:46 PM, Cyrill Gorcunov wrote:
> On Tue, Jul 19, 2016 at 02:26:06PM +0300, Pavel Tikhomirov wrote:
>>
>>
>> On 07/19/2016 02:17 PM, Cyrill Gorcunov wrote:
>>> On Tue, Jul 19, 2016 at 02:00:20PM +0300, Pavel Tikhomirov wrote:
>>>> This member represents kernel.pid_max sysctl it is vz-specific but
>>>> lays on pid namespace. To be able to c/r from libvzctl script it is
>>>> better put pid_max in ve cgroup, these way we do not need to enter
>>>> container root pid namespace to get/set these sysctl.
>>>
>>> Wait, kernel.pid_max is not ve-specific (see kernel/sysctl.c in
>>> vanilla kernel). Why do we have to c/r it at all?
>>
>> It is virtualized only in VZ7(see proc_dointvec_pidmax), so in mainstream it
>> is global sysctl unlike our case.
>
> Acked-by: Cyrill Gorcunov <gorcunov at openvz.org>
>
> p.s. I'm not really follow why this feature is needed in container
> at all, i mean the @pid_max virtualization. Presume due to hist. reasons.
> .
>
More information about the Devel
mailing list