From 9eb88ea474c3f6160090573c4bae3fe4c5ece016 Mon Sep 17 00:00:00 2001 From: cdoern Date: Tue, 18 Jan 2022 15:46:11 -0500 Subject: Podman pod create --share-parent vs --share=cgroup separated cgroupNS sharing from setting the pod as the cgroup parent, made a new flag --share-parent which sets the pod as the cgroup parent for all containers entering the pod remove cgroup from the default kernel namespaces since we want the same default behavior as before which is just the cgroup parent. resolves #12765 Signed-off-by: cdoern Signed-off-by: cdoern Signed-off-by: cdoern --- test/e2e/pod_create_test.go | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) (limited to 'test/e2e') diff --git a/test/e2e/pod_create_test.go b/test/e2e/pod_create_test.go index f0abfd80c..cd7f72ac0 100644 --- a/test/e2e/pod_create_test.go +++ b/test/e2e/pod_create_test.go @@ -1068,4 +1068,47 @@ ENTRYPOINT ["sleep","99999"] }) + It("podman pod create --share-parent test", func() { + SkipIfRootlessCgroupsV1("rootless cannot use cgroups with cgroupsv1") + podCreate := podmanTest.Podman([]string{"pod", "create", "--share-parent=false"}) + podCreate.WaitWithDefaultTimeout() + Expect(podCreate).Should(Exit(0)) + + ctrCreate := podmanTest.Podman([]string{"run", "-dt", "--pod", podCreate.OutputToString(), ALPINE}) + ctrCreate.WaitWithDefaultTimeout() + Expect(ctrCreate).Should(Exit(0)) + + inspectPod := podmanTest.Podman([]string{"pod", "inspect", podCreate.OutputToString()}) + inspectPod.WaitWithDefaultTimeout() + Expect(inspectPod).Should(Exit(0)) + data := inspectPod.InspectPodToJSON() + + inspect := podmanTest.InspectContainer(ctrCreate.OutputToString()) + Expect(data.CgroupPath).To(HaveLen(0)) + if podmanTest.CgroupManager == "cgroupfs" || !rootless.IsRootless() { + Expect(inspect[0].HostConfig.CgroupParent).To(HaveLen(0)) + } else if podmanTest.CgroupManager == "systemd" { + Expect(inspect[0].HostConfig.CgroupParent).To(Equal("user.slice")) + } + + podCreate2 := podmanTest.Podman([]string{"pod", "create", "--share", "cgroup,ipc,net,uts", "--share-parent=false", "--infra-name", "cgroupCtr"}) + podCreate2.WaitWithDefaultTimeout() + Expect(podCreate2).Should(Exit(0)) + + ctrCreate2 := podmanTest.Podman([]string{"run", "-dt", "--pod", podCreate2.OutputToString(), ALPINE}) + ctrCreate2.WaitWithDefaultTimeout() + Expect(ctrCreate2).Should(Exit(0)) + + inspectInfra := podmanTest.InspectContainer("cgroupCtr") + + inspect2 := podmanTest.InspectContainer(ctrCreate2.OutputToString()) + + Expect(inspect2[0].HostConfig.CgroupMode).To(ContainSubstring(inspectInfra[0].ID)) + + podCreate3 := podmanTest.Podman([]string{"pod", "create", "--share", "cgroup"}) + podCreate3.WaitWithDefaultTimeout() + Expect(podCreate3).ShouldNot(Exit(0)) + + }) + }) -- cgit v1.2.3-54-g00ecf