Cgroups v2 support #465
Merged
Cgroups v2 support #465
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @@ -17,7 +19,7 @@ func GetCGroupPath(cgroupsRootPath, subsystem, tag string, privileged, throttlin | |||
| } | |||
|
|
|||
| if throttlingCPU { | |||
| parentCgroup = filepath.Join(parentCgroup, cgroups.GoodCgroupName) | |||
| parentCgroup = filepath.Join(parentCgroup, gardencgroups.GoodCgroupName) | |||
| } | |||
There was a problem hiding this comment.
Is there no Throttling in cgroups v2?
There was a problem hiding this comment.
cgroup v2 has CPU throttling as well. For both v1 and v2 we are doing this ourselves, by moving processes between bad and good cgroups (see throttler.go)
mariash
force-pushed
the
cgroups-v2
branch
2 times, most recently
from
bc78bd0 to
dfdebc8
Compare
|
Let's wait for new runc release with the revert of /dev/net/tun removal - opencontainers/runc#4555 before merging this one. This way it will not be a breaking change. |
MarcPaquette
reviewed
Jan 7, 2025
rundmc/cgroups/defaultcgrouper.go
Outdated
There was a problem hiding this comment.
Missing some tests for this file.
mariash
force-pushed
the
cgroups-v2
branch
2 times, most recently
from
b4cb164 to
6e54aca
Compare
- Bumped runc to 1.2.3 - In new runc default list of devices was changed (/dev/net/tun is removed) - opencontainers/runc#3468 - Switched to containerd config v2. v1 is deprecated. - There are no subsystems in cgroup v2. If Tag is provided cgroup2 is mounted to /tmp/cgroup-N/unified (for N parallel tests). If Tag is not provided garden cgroup is in format /sys/fs/cgroup/garden. - CPU shares are now replaced with CPU weight. - In cgroups v2 kernel throws an error when large number is provided for CPU weight. In cgroup v1 kernel accepts the number for CPU shares and saves as MAX_SHARES. This behavior is replicated in the SharesBalancer. - CPUCgrouper is manually enabling cgroup controllers since bad cgroup folder is manually created. - CPU usage is read from cpu.stat file for cgroup v2. - In cgroup v2 only leaf cgroups can have processes. Cgroup for containerd garden-init is moved from /sys/fs/cgroup/garden/handle to /sys/fs/cgroup/garden/handle/init since /sys/fs/cgroup/garden/handle will contain pea cgroups and can not be leaf. Cgroup resources are manually set on /sys/fs/cgroup/garden/handle and this folder is manually cleaned up. - Switched to updated cloudfoundry docker images from unsupported cfgarden docker images.
Bring back /dev/net/tun default device
|
Removed breaking change notice, since new runc brought back /dev/tun in default list of devices and added those tests back. |
MarcPaquette
approved these changes
Jan 10, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Add support for cgroups v2
Backward Compatibility
Breaking Change? No