diff options
| author | Matthew Heon <matthew.heon@pm.me> | 2019-07-15 16:44:56 -0400 |
|---|---|---|
| committer | Matthew Heon <matthew.heon@pm.me> | 2019-09-10 10:52:37 -0400 |
| commit | c2284962c798a11f3c956ee237f27cfd3b0fcb21 (patch) | |
| tree | a82ff49ee28be13a9a1702506aa7be051fea9fb1 /libpod/oci_internal_linux.go | |
| parent | 16a70490852fdaf3ea5aeea6b2be19dd70fbf1c7 (diff) | |
| download | podman-c2284962c798a11f3c956ee237f27cfd3b0fcb21.tar.gz podman-c2284962c798a11f3c956ee237f27cfd3b0fcb21.tar.bz2 podman-c2284962c798a11f3c956ee237f27cfd3b0fcb21.zip | |
Add support for launching containers without CGroups
This is mostly used with Systemd, which really wants to manage
CGroups itself when managing containers via unit file.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'libpod/oci_internal_linux.go')
| -rw-r--r-- | libpod/oci_internal_linux.go | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/libpod/oci_internal_linux.go b/libpod/oci_internal_linux.go index 48b7370e0..f9e935d86 100644 --- a/libpod/oci_internal_linux.go +++ b/libpod/oci_internal_linux.go @@ -263,7 +263,7 @@ func (r *OCIRuntime) configureConmonEnv(runtimeDir string) ([]string, []*os.File func (r *OCIRuntime) sharedConmonArgs(ctr *Container, cuuid, bundlePath, pidPath, logPath, exitDir, ociLogPath string) []string { // set the conmon API version to be able to use the correct sync struct keys args := []string{"--api-version", "1"} - if r.cgroupManager == SystemdCgroupsManager { + if r.cgroupManager == SystemdCgroupsManager && !ctr.config.NoCgroups { args = append(args, "-s") } args = append(args, "-c", ctr.ID()) @@ -307,6 +307,10 @@ func (r *OCIRuntime) sharedConmonArgs(ctr *Container, cuuid, bundlePath, pidPath if ociLogPath != "" { args = append(args, "--runtime-arg", "--log-format=json", "--runtime-arg", "--log", fmt.Sprintf("--runtime-arg=%s", ociLogPath)) } + if ctr.config.NoCgroups { + logrus.Debugf("Running with no CGroups") + args = append(args, "--runtime-arg", "--cgroup-manager", "--runtime-arg", "disabled") + } return args } @@ -355,6 +359,11 @@ func startCommandGivenSelinux(cmd *exec.Cmd) error { // moveConmonToCgroupAndSignal gets a container's cgroupParent and moves the conmon process to that cgroup // it then signals for conmon to start by sending nonse data down the start fd func (r *OCIRuntime) moveConmonToCgroupAndSignal(ctr *Container, cmd *exec.Cmd, startFd *os.File, uuid string) error { + // If cgroup creation is disabled - just signal. + if ctr.config.NoCgroups { + return writeConmonPipeData(startFd) + } + cgroupParent := ctr.CgroupParent() if r.cgroupManager == SystemdCgroupsManager { unitName := createUnitName("libpod-conmon", ctr.ID()) |