resource limits for pods

Added the following flags, and their handling, to podman pod create:

--memory-swap
--cpuset-mems
--device-read-bps
--device-write-bps
--blkio-weight
--blkio-weight-device
--cpu-shares

Given the new systemd backend in c/common, all of these can now be exposed
to pod create. Nearly all of the heavy lifting is done within c/common, but
some rewiring was needed here as well.
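
For example, all of the new flags can be combined on a single pod create (a
sketch only: the pod name and /dev/loop0 are illustrative, the --device-* and
--blkio-weight-device flags need a real block device on the host, and the
blkio flags additionally require the BFQ I/O scheduler, as the test below
checks):

    podman pod create --name limited \
        --memory=5m --memory-swap=1g \
        --cpuset-mems=0 --cpu-shares=1000 \
        --device-read-bps=/dev/loop0:1mb \
        --device-write-bps=/dev/loop0:1mb \
        --blkio-weight=50 --blkio-weight-device=/dev/loop0:123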

Signed-off-by: Charlie Doern <cdoern@redhat.com>
Charlie Doern
2022-07-07 14:44:10 -04:00
parent 5f53a67742
commit c00ea686fe
15 changed files with 530 additions and 227 deletions


@@ -2,12 +2,17 @@
 
 load helpers
 
+LOOPDEVICE=
+
 # This is a long ugly way to clean up pods and remove the pause image
 function teardown() {
     run_podman pod rm -f -t 0 -a
     run_podman rm -f -t 0 -a
     run_podman rmi --ignore $(pause_image)
     basic_teardown
+    if [[ -n "$LOOPDEVICE" ]]; then
+        losetup -d $LOOPDEVICE
+    fi
 }
@@ -474,31 +479,57 @@ spec:
 @test "pod resource limits" {
     skip_if_remote "resource limits only implemented on non-remote"
-    if is_rootless; then
+    if is_rootless || ! is_cgroupsv2; then
         skip "only meaningful for rootful"
     fi
 
-    local name1="resources1"
-    run_podman --cgroup-manager=systemd pod create --name=$name1 --cpus=5 --memory=10m
-    run_podman --cgroup-manager=systemd pod start $name1
-    run_podman pod inspect --format '{{.CgroupPath}}' $name1
-    local path1="$output"
-    local actual1=$(< /sys/fs/cgroup/$path1/cpu.max)
-    is "$actual1" "500000 100000" "resource limits set properly"
-    local actual2=$(< /sys/fs/cgroup/$path1/memory.max)
-    is "$actual2" "10485760" "resource limits set properly"
-    run_podman pod --cgroup-manager=systemd rm -f $name1
+    # create loopback device
+    lofile=${PODMAN_TMPDIR}/disk.img
+    fallocate -l 1k ${lofile}
+    LOOPDEVICE=$(losetup --show -f $lofile)
 
-    local name2="resources2"
-    run_podman --cgroup-manager=cgroupfs pod create --cpus=5 --memory=10m --name=$name2
-    run_podman --cgroup-manager=cgroupfs pod start $name2
-    run_podman pod inspect --format '{{.CgroupPath}}' $name2
-    local path2="$output"
-    local actual2=$(< /sys/fs/cgroup/$path2/cpu.max)
-    is "$actual2" "500000 100000" "resource limits set properly"
-    local actual2=$(< /sys/fs/cgroup/$path2/memory.max)
-    is "$actual2" "10485760" "resource limits set properly"
-    run_podman --cgroup-manager=cgroupfs pod rm $name2
+    # tr needed because losetup seems to use %2d
+    lomajmin=$(losetup -l --noheadings --output MAJ:MIN $LOOPDEVICE | tr -d ' ')
+    run grep -w bfq /sys/block/$(basename ${LOOPDEVICE})/queue/scheduler
+    if [ $status -ne 0 ]; then
+        # BFQ is unavailable: detach the loop device and remove its backing
+        # file before skipping, because skip ends the test immediately.
+        if [ -f ${lofile} ]; then
+            run_podman '?' rm -t 0 --all --force --ignore
+            while read path dev; do
+                if [[ "$path" == "$lofile" ]]; then
+                    losetup -d $dev
+                fi
+            done < <(losetup -l --noheadings --output BACK-FILE,NAME)
+            rm ${lofile}
+        fi
+        # prevent a duplicate (failing) detach in teardown
+        LOOPDEVICE=
+        skip "BFQ scheduler is not supported on the system"
+    fi
+    echo bfq > /sys/block/$(basename ${LOOPDEVICE})/queue/scheduler
+
+    expected_limits="
+cpu.max         | 500000 100000
+memory.max      | 5242880
+memory.swap.max | 1068498944
+io.max          | $lomajmin rbps=1048576 wbps=1048576 riops=max wiops=max
+"
+
+    for cgm in systemd cgroupfs; do
+        local name=resources-$cgm
+        run_podman --cgroup-manager=$cgm pod create --name=$name --cpus=5 --memory=5m --memory-swap=1g --cpu-shares=1000 --cpuset-cpus=0 --cpuset-mems=0 --device-read-bps=${LOOPDEVICE}:1mb --device-write-bps=${LOOPDEVICE}:1mb --blkio-weight-device=${LOOPDEVICE}:123 --blkio-weight=50
+        run_podman --cgroup-manager=$cgm pod start $name
+        run_podman pod inspect --format '{{.CgroupPath}}' $name
+        local cgroup_path="$output"
+
+        while read unit expect; do
+            local actual=$(< /sys/fs/cgroup/$cgroup_path/$unit)
+            is "$actual" "$expect" "resource limit under $cgm: $unit"
+        done < <(parse_table "$expected_limits")
+        run_podman --cgroup-manager=$cgm pod rm -f $name
+    done
+
+    # Clean up, and prevent duplicate cleanup in teardown
+    losetup -d $LOOPDEVICE
+    LOOPDEVICE=
 }
 
 @test "podman pod ps doesn't race with pod rm" {