[Devel] [PATCH RFC VZ10 0/2] Improve RPC kill-tasks mechanism
Vladimir Riabchun
vladimir.riabchun at virtuozzo.com
Fri May 29 12:51:25 MSK 2026
There is a hack for stopping containers with RPC connections,
but is has several flaws.
They are described in the second commit and in the task
https://virtuozzo.atlassian.net/browse/VSTOR-126316
Suggested approach - atomic (with respect to the set of
network namespaces) iteration over nets and RPC kill
in each.
One questionable point - RCU protection of rpc_kill_net_fn.
If there are many namespaces in general, the loop may take
a while and cause soft lockup. So:
1. Maybe race between rpc_kill request and sunrpc unload is
impossible? In this case all this locking is not needed.
2. Maybe there is an easier way of providing a callback from
module?
Tested by a CT with nested network namespace.
Current vzctl per-PID approach:
[ 590.261534] kill-tasks: by task (vzctl:14066) in net:[4026533581]
[ 591.308176] CT: acded8b8-6a7a-494e-a4f1-a58767276b6f: stopped
With new machine.slice/CTID/ve.rpc_kill interface:
[ 663.055995] kill-tasks: by task (bash:4084) in net:[4026533581]
[ 663.056371] kill-tasks: by task (bash:4084) in net:[4026533987]
Vladimir Riabchun (2):
ve/sunrpc: Refactor {rpc, write}_kill_tasks
ve/sunrpc: Implement a per-ve sunrpc killer
include/linux/sunrpc/clnt.h | 2 ++
include/linux/ve.h | 4 ++++
kernel/ve/ve.c | 44 +++++++++++++++++++++++++++++++++++++
net/sunrpc/clnt.c | 31 ++++++++++++++------------
net/sunrpc/sunrpc_syms.c | 3 +++
5 files changed, 70 insertions(+), 14 deletions(-)
--
2.47.1
More information about the Devel
mailing list