From d856210ea85269bdc23bb694f8828d89d2802f84 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 19 Aug 2020 14:11:16 +0200 Subject: podman: add option --cgroup-conf it allows to manually tweak the configuration for cgroup v2. we will expose some of the options in future as single options (e.g. the new memory knobs), but for now add the more generic --cgroup-conf mechanism for maximum control on the cgroup configuration. OCI specs change: https://github.com/opencontainers/runtime-spec/pull/1040 Requires: https://github.com/containers/crun/pull/459 Signed-off-by: Giuseppe Scrivano --- cmd/podman/common/create.go | 5 +++++ cmd/podman/common/create_opts.go | 2 ++ cmd/podman/common/specgen.go | 15 ++++++++++++++- 3 files changed, 21 insertions(+), 1 deletion(-) (limited to 'cmd') diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 403a1065b..d0bc8d466 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -516,5 +516,10 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet { "seccomp-policy", "default", "Policy for selecting a seccomp profile (experimental)", ) + createFlags.StringSliceVar( + &cf.CgroupConf, + "cgroup-conf", []string{}, + "Configure cgroup v2 (key=value)", + ) return &createFlags } diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go index f9e4d7ca5..16d41988f 100644 --- a/cmd/podman/common/create_opts.go +++ b/cmd/podman/common/create_opts.go @@ -106,4 +106,6 @@ type ContainerCLIOpts struct { SeccompPolicy string Net *entities.NetOptions + + CgroupConf []string } diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index bf50bb56b..4de622916 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -450,7 +450,20 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string s.ResourceLimits.Pids = &pids } s.ResourceLimits.CPU = getCPULimits(c) - if s.ResourceLimits.CPU == nil && s.ResourceLimits.Pids == nil && s.ResourceLimits.BlockIO == nil && s.ResourceLimits.Memory == nil { + + unifieds := make(map[string]string) + for _, unified := range c.CgroupConf { + splitUnified := strings.SplitN(unified, "=", 2) + if len(splitUnified) < 2 { + return errors.Errorf("--cgroup-conf must be formatted KEY=VALUE") + } + unifieds[splitUnified[0]] = splitUnified[1] + } + if len(unifieds) > 0 { + s.ResourceLimits.Unified = unifieds + } + + if s.ResourceLimits.CPU == nil && s.ResourceLimits.Pids == nil && s.ResourceLimits.BlockIO == nil && s.ResourceLimits.Memory == nil && s.ResourceLimits.Unified == nil { s.ResourceLimits = nil } -- cgit v1.2.3-54-g00ecf