diff options
| author | Matthew Heon <matthew.heon@gmail.com> | 2018-05-16 12:45:09 -0400 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-05-17 23:10:12 +0000 |
| commit | 7e1ea9d26dff92c346bb11640fdab523d513e867 (patch) | |
| tree | 28fca87c36fa1ddf5c357c61e2677626ed27835a /libpod/runtime_ctr.go | |
| parent | 018d2c6b1d23acf7fe67e809498bc354eaf6becf (diff) | |
| download | podman-7e1ea9d26dff92c346bb11640fdab523d513e867.tar.gz podman-7e1ea9d26dff92c346bb11640fdab523d513e867.tar.bz2 podman-7e1ea9d26dff92c346bb11640fdab523d513e867.zip | |
Add per-pod CGroups
Pods can now create their own (cgroupfs) cgroups which containers
in them can (optionally) use.
This presently only works with CGroupFS, systemd cgroups are
still WIP
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #784
Approved by: rhatdan
Diffstat (limited to 'libpod/runtime_ctr.go')
| -rw-r--r-- | libpod/runtime_ctr.go | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index 0f992822a..c6973ff2a 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -52,6 +52,15 @@ func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, options .. ctr.state.State = ContainerStateConfigured ctr.runtime = r + var pod *Pod + if ctr.config.Pod != "" { + // Get the pod from state + pod, err = r.state.Pod(ctr.config.Pod) + if err != nil { + return nil, errors.Wrapf(err, "cannot add container %s to pod %s", ctr.ID(), ctr.config.Pod) + } + } + if ctr.config.Name == "" { name, err := r.generateName() if err != nil { @@ -65,13 +74,29 @@ func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, options .. switch r.config.CgroupManager { case CgroupfsCgroupsManager: if ctr.config.CgroupParent == "" { - ctr.config.CgroupParent = CgroupfsDefaultCgroupParent + if pod != nil && pod.config.UsePodCgroup { + podCgroup, err := pod.CgroupPath() + if err != nil { + return nil, errors.Wrapf(err, "error retrieving pod %s cgroup", pod.ID()) + } + ctr.config.CgroupParent = podCgroup + } else { + ctr.config.CgroupParent = CgroupfsDefaultCgroupParent + } } else if strings.HasSuffix(path.Base(ctr.config.CgroupParent), ".slice") { return nil, errors.Wrapf(ErrInvalidArg, "systemd slice received as cgroup parent when using cgroupfs") } case SystemdCgroupsManager: if ctr.config.CgroupParent == "" { - ctr.config.CgroupParent = SystemdDefaultCgroupParent + if pod != nil && pod.config.UsePodCgroup { + podCgroup, err := pod.CgroupPath() + if err != nil { + return nil, errors.Wrapf(err, "error retrieving pod %s cgroup", pod.ID()) + } + ctr.config.CgroupParent = podCgroup + } else { + ctr.config.CgroupParent = SystemdDefaultCgroupParent + } } else if len(ctr.config.CgroupParent) < 6 || !strings.HasSuffix(path.Base(ctr.config.CgroupParent), ".slice") { return nil, errors.Wrapf(ErrInvalidArg, "did not receive systemd slice as cgroup parent when using systemd to manage cgroups") } @@ -110,12 +135,6 @@ func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, options .. // Add the container to the state // TODO: May be worth looking into recovering from name/ID collisions here if ctr.config.Pod != "" { - // Get the pod from state - pod, err := r.state.Pod(ctr.config.Pod) - if err != nil { - return nil, errors.Wrapf(err, "cannot add container %s to pod %s", ctr.ID(), ctr.config.Pod) - } - // Lock the pod to ensure we can't add containers to pods // being removed pod.lock.Lock() |