opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-17 23:26:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

stats: fix cgroup path for rootless containers

Browse Source 
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2019-06-19 14:22:09 +02:00
parent 1778bfa5fe
commit e27fef335a
5 changed files with 33 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
libpod/container.go
View File

@ -14,6 +14,7 @@ import (
"github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/lock" "github.com/containers/libpod/libpod/lock"
"github.com/containers/libpod/pkg/namespaces" "github.com/containers/libpod/pkg/namespaces"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/storage" "github.com/containers/storage"
"github.com/cri-o/ocicni/pkg/ocicni" "github.com/cri-o/ocicni/pkg/ocicni"
spec "github.com/opencontainers/runtime-spec/specs-go" spec "github.com/opencontainers/runtime-spec/specs-go"
@ -52,6 +53,10 @@ const CgroupfsDefaultCgroupParent = "/libpod_parent"
// manager in libpod // manager in libpod
const SystemdDefaultCgroupParent = "machine.slice" const SystemdDefaultCgroupParent = "machine.slice"
// SystemdDefaultRootlessCgroupParent is the cgroup parent for the systemd cgroup
// manager in libpod when running as rootless
const SystemdDefaultRootlessCgroupParent = "user.slice"
// JournaldLogging is the string conmon expects to specify journald logging // JournaldLogging is the string conmon expects to specify journald logging
const JournaldLogging = "journald" const JournaldLogging = "journald"
@ -1109,6 +1114,10 @@ func (c *Container) CGroupPath() (string, error) {
case CgroupfsCgroupsManager: case CgroupfsCgroupsManager:
return filepath.Join(c.config.CgroupParent, fmt.Sprintf("libpod-%s", c.ID())), nil return filepath.Join(c.config.CgroupParent, fmt.Sprintf("libpod-%s", c.ID())), nil
case SystemdCgroupsManager: case SystemdCgroupsManager:
if rootless.IsRootless() {
uid := rootless.GetRootlessUID()
return filepath.Join(c.config.CgroupParent, fmt.Sprintf("user-%d.slice/user@%d.service/user.slice", uid, uid), createUnitName("libpod", c.ID())), nil
}
return filepath.Join(c.config.CgroupParent, createUnitName("libpod", c.ID())), nil return filepath.Join(c.config.CgroupParent, createUnitName("libpod", c.ID())), nil
default: default:
return "", errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager %s in use", c.runtime.config.CgroupManager) return "", errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager %s in use", c.runtime.config.CgroupManager)

7
libpod/container_internal_linux.go
View File

@ -23,6 +23,7 @@ import (
"github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/define"
crioAnnotations "github.com/containers/libpod/pkg/annotations" crioAnnotations "github.com/containers/libpod/pkg/annotations"
"github.com/containers/libpod/pkg/apparmor" "github.com/containers/libpod/pkg/apparmor"
"github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/criu" "github.com/containers/libpod/pkg/criu"
"github.com/containers/libpod/pkg/lookup" "github.com/containers/libpod/pkg/lookup"
"github.com/containers/libpod/pkg/resolvconf" "github.com/containers/libpod/pkg/resolvconf"
@ -350,7 +351,11 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
g.AddProcessEnv("container", "libpod") g.AddProcessEnv("container", "libpod")
} }
if rootless.IsRootless() { unified, err := cgroups.IsCgroup2UnifiedMode()
if err != nil {
return nil, err
}
if rootless.IsRootless() && !unified {
g.SetLinuxCgroupsPath("") g.SetLinuxCgroupsPath("")
} else if c.runtime.config.CgroupManager == SystemdCgroupsManager { } else if c.runtime.config.CgroupManager == SystemdCgroupsManager {
// When runc is set to use Systemd as a cgroup manager, it // When runc is set to use Systemd as a cgroup manager, it

2
libpod/runtime_ctr.go
View File

@ -191,6 +191,8 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container, restore bo
return nil, errors.Wrapf(err, "error retrieving pod %s cgroup", pod.ID()) return nil, errors.Wrapf(err, "error retrieving pod %s cgroup", pod.ID())
} }
ctr.config.CgroupParent = podCgroup ctr.config.CgroupParent = podCgroup
} else if rootless.IsRootless() {
ctr.config.CgroupParent = SystemdDefaultRootlessCgroupParent
} else { } else {
ctr.config.CgroupParent = SystemdDefaultCgroupParent ctr.config.CgroupParent = SystemdDefaultCgroupParent
} }

7
libpod/runtime_pod_linux.go
View File

@ -12,6 +12,7 @@ import (
"github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/events" "github.com/containers/libpod/libpod/events"
"github.com/containers/libpod/pkg/cgroups" "github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/rootless"
spec "github.com/opencontainers/runtime-spec/specs-go" spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -78,7 +79,11 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (*Pod,
} }
case SystemdCgroupsManager: case SystemdCgroupsManager:
if pod.config.CgroupParent == "" { if pod.config.CgroupParent == "" {
pod.config.CgroupParent = SystemdDefaultCgroupParent if rootless.IsRootless() {
pod.config.CgroupParent = SystemdDefaultRootlessCgroupParent
} else {
pod.config.CgroupParent = SystemdDefaultCgroupParent
}
} else if len(pod.config.CgroupParent) < 6 || !strings.HasSuffix(path.Base(pod.config.CgroupParent), ".slice") { } else if len(pod.config.CgroupParent) < 6 || !strings.HasSuffix(path.Base(pod.config.CgroupParent), ".slice") {
return nil, errors.Wrapf(define.ErrInvalidArg, "did not receive systemd slice as cgroup parent when using systemd to manage cgroups") return nil, errors.Wrapf(define.ErrInvalidArg, "did not receive systemd slice as cgroup parent when using systemd to manage cgroups")
} }

12
libpod/util_linux.go
View File

@ -8,6 +8,7 @@ import (
"github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/pkg/cgroups" "github.com/containers/libpod/pkg/cgroups"
"github.com/containers/libpod/pkg/rootless"
"github.com/opencontainers/selinux/go-selinux/label" "github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -33,9 +34,16 @@ func systemdSliceFromPath(parent, name string) (string, error) {
return cgroupPath, nil return cgroupPath, nil
} }
func getDefaultSystemdCgroup() string {
if rootless.IsRootless() {
return SystemdDefaultRootlessCgroupParent
}
return SystemdDefaultCgroupParent
}
// makeSystemdCgroup creates a systemd CGroup at the given location. // makeSystemdCgroup creates a systemd CGroup at the given location.
func makeSystemdCgroup(path string) error { func makeSystemdCgroup(path string) error {
controller, err := cgroups.NewSystemd(SystemdDefaultCgroupParent) controller, err := cgroups.NewSystemd(getDefaultSystemdCgroup())
if err != nil { if err != nil {
return err return err
} }
@ -45,7 +53,7 @@ func makeSystemdCgroup(path string) error {
// deleteSystemdCgroup deletes the systemd cgroup at the given location // deleteSystemdCgroup deletes the systemd cgroup at the given location
func deleteSystemdCgroup(path string) error { func deleteSystemdCgroup(path string) error {
controller, err := cgroups.NewSystemd(SystemdDefaultCgroupParent) controller, err := cgroups.NewSystemd(getDefaultSystemdCgroup())
if err != nil { if err != nil {
return err return err
} }