Documentation ¶
Index ¶
- Constants
- func MemLimitGivenSystem(cgroupLimit uint64) uint64
- func MoveProcessToContainerCgroup(containerPid, commandPid int) error
- func VerifyMemoryIsEnough(memoryLimit, minMemory int64) error
- type CPUStats
- type CgroupManager
- type CgroupStats
- type CgroupfsManager
- func (m *CgroupfsManager) ContainerCgroupAbsolutePath(sbParent, containerID string) (string, error)
- func (m *CgroupfsManager) ContainerCgroupManager(sbParent, containerID string) (libctrCg.Manager, error)
- func (*CgroupfsManager) ContainerCgroupPath(sbParent, containerID string) string
- func (m *CgroupfsManager) ContainerCgroupStats(sbParent, containerID string) (*CgroupStats, error)
- func (m *CgroupfsManager) CreateSandboxCgroup(sbParent, containerID string) error
- func (*CgroupfsManager) IsSystemd() bool
- func (*CgroupfsManager) MoveConmonToCgroup(cid, cgroupParent, conmonCgroup string, pid int, ...) (cgroupPathToClean string, _ error)
- func (*CgroupfsManager) Name() string
- func (m *CgroupfsManager) RemoveContainerCgManager(containerID string)
- func (m *CgroupfsManager) RemoveSandboxCgManager(sbID string)
- func (m *CgroupfsManager) RemoveSandboxCgroup(sbParent, containerID string) error
- func (m *CgroupfsManager) SandboxCgroupManager(sbParent, sbID string) (libctrCg.Manager, error)
- func (m *CgroupfsManager) SandboxCgroupPath(sbParent, sbID string, containerMinMemory int64) (cgParent, cgPath string, _ error)
- func (m *CgroupfsManager) SandboxCgroupStats(sbParent, sbID string) (*CgroupStats, error)
- type MemoryStats
- type PidsStats
- type SystemdManager
- func (m *SystemdManager) ContainerCgroupAbsolutePath(sbParent, containerID string) (string, error)
- func (m *SystemdManager) ContainerCgroupManager(sbParent, containerID string) (cgroups.Manager, error)
- func (*SystemdManager) ContainerCgroupPath(sbParent, containerID string) string
- func (m *SystemdManager) ContainerCgroupStats(sbParent, containerID string) (*CgroupStats, error)
- func (m *SystemdManager) CreateSandboxCgroup(sbParent, containerID string) error
- func (*SystemdManager) IsSystemd() bool
- func (m *SystemdManager) MoveConmonToCgroup(cid, cgroupParent, conmonCgroup string, pid int, ...) (cgroupPathToClean string, _ error)
- func (*SystemdManager) Name() string
- func (m *SystemdManager) RemoveContainerCgManager(containerID string)
- func (m *SystemdManager) RemoveSandboxCgManager(sbID string)
- func (m *SystemdManager) RemoveSandboxCgroup(sbParent, containerID string) error
- func (m *SystemdManager) SandboxCgroupManager(sbParent, sbID string) (cgroups.Manager, error)
- func (m *SystemdManager) SandboxCgroupPath(sbParent, sbID string, containerMinMemory int64) (cgParent, cgPath string, _ error)
- func (m *SystemdManager) SandboxCgroupStats(sbParent, sbID string) (*CgroupStats, error)
Constants ¶
const ( CrioPrefix = "crio" DefaultCgroupManager = systemdCgroupManager )
Variables ¶
This section is empty.
Functions ¶
func MemLimitGivenSystem ¶
MemLimitGivenSystem limit returns the memory limit for a given cgroup If the configured memory limit is larger than the total memory on the sys, the physical system memory size is returned
func MoveProcessToContainerCgroup ¶
MoveProcessToContainerCgroup moves process to the container cgroup
func VerifyMemoryIsEnough ¶
VerifyMemoryIsEnough verifies that the cgroup memory limit is above a specified minimum memory limit.
Types ¶
type CPUStats ¶
type CPUStats struct { TotalUsageNano uint64 PerCPUUsage []uint64 // Time spent by tasks of the cgroup in kernel mode in nanoseconds. UsageInKernelmode uint64 // Time spent by tasks of the cgroup in user mode in nanoseconds. UsageInUsermode uint64 // Number of periods with throttling active ThrottlingActivePeriods uint64 // Number of periods when the container hit its throttling limit. ThrottledPeriods uint64 // Aggregate time the container was throttled for in nanoseconds. ThrottledTime uint64 }
type CgroupManager ¶
type CgroupManager interface { // String returns the name of the cgroup manager (either cgroupfs or systemd) Name() string // IsSystemd returns whether it is a systemd cgroup manager IsSystemd() bool // ContainerCgroupPath takes arguments sandbox parent cgroup and container ID and returns // the cgroup path for that containerID. If parentCgroup is empty, it // uses the default parent for that particular manager ContainerCgroupPath(string, string) string // ContainerCgroupAbsolutePath takes arguments sandbox parent cgroup and container ID and // returns the cgroup path on disk for that containerID. If parentCgroup is empty, it // uses the default parent for that particular manager ContainerCgroupAbsolutePath(string, string) (string, error) // ContainerCgroupManager takes the cgroup parent, and container ID. // It returns the raw libcontainer cgroup manager for that container. ContainerCgroupManager(sbParent, containerID string) (libctr.Manager, error) // RemoveContainerCgManager removes the cgroup manager for the container RemoveContainerCgManager(containerID string) // ContainerCgroupStats takes the sandbox parent, and container ID. // It creates a new cgroup if one does not already exist. // It returns the cgroup stats for that container. ContainerCgroupStats(sbParent, containerID string) (*CgroupStats, error) // SandboxCgroupPath takes the sandbox parent, and sandbox ID, and container minimum memory. It // returns the cgroup parent, cgroup path, and error. For systemd cgroups, // it also checks there is enough memory in the given cgroup SandboxCgroupPath(string, string, int64) (string, string, error) // SandboxCgroupManager takes the cgroup parent, and sandbox ID. // It returns the raw libcontainer cgroup manager for that sandbox. SandboxCgroupManager(sbParent, sbID string) (libctr.Manager, error) // RemoveSandboxCgroupManager removes the cgroup manager for the sandbox RemoveSandboxCgManager(sbID string) // MoveConmonToCgroup takes the container ID, cgroup parent, conmon's cgroup (from the config), conmon's PID, and some customized resources // It attempts to move conmon to the correct cgroup, and set the resources for that cgroup. // It returns the cgroupfs parent that conmon was put into // so that CRI-O can clean the parent cgroup of the newly added conmon once the process terminates (systemd handles this for us) MoveConmonToCgroup(cid, cgroupParent, conmonCgroup string, pid int, resources *rspec.LinuxResources) (string, error) // CreateSandboxCgroup takes the sandbox parent, and sandbox ID. // It creates a new cgroup for that sandbox, which is useful when spoofing an infra container. CreateSandboxCgroup(sbParent, containerID string) error // RemoveSandboxCgroup takes the sandbox parent, and sandbox ID. // It removes the cgroup for that sandbox, which is useful when spoofing an infra container. RemoveSandboxCgroup(sbParent, containerID string) error // SandboxCgroupStats takes the sandbox parent, and sandbox ID. // It creates a new cgroup for that sandbox if it does not already exist. // It returns the cgroup stats for that sandbox. SandboxCgroupStats(sbParent, sbID string) (*CgroupStats, error) }
CgroupManager is an interface to interact with cgroups on a node. CRI-O is configured at startup to either use systemd or cgroupfs, and the node itself is booted with cgroup v1, or cgroup v2. CgroupManager is an interface for the CRI-O server to use cgroups, regardless of how it or the node was configured.
func SetCgroupManager ¶
func SetCgroupManager(cgroupManager string) (CgroupManager, error)
SetCgroupManager takes a string and branches on it to return the type of cgroup manager configured
type CgroupStats ¶
type CgroupStats struct { Memory *MemoryStats CPU *CPUStats Pid *PidsStats SystemNano int64 }
This is a universal stats object to be used across different runtime implementations. We could have used the libcontainer/cgroups.Stats object as a standard stats object for cri-o. But due to it's incompatibility with non-linux platforms, we have to create our own object that can be moved around regardless of the runtime.
type CgroupfsManager ¶
type CgroupfsManager struct {
// contains filtered or unexported fields
}
CgroupfsManager defines functionality whrn **** TODO: Update this
func (*CgroupfsManager) ContainerCgroupAbsolutePath ¶
func (m *CgroupfsManager) ContainerCgroupAbsolutePath(sbParent, containerID string) (string, error)
ContainerCgroupAbsolutePath just calls ContainerCgroupPath, because they both return the absolute path
func (*CgroupfsManager) ContainerCgroupManager ¶
func (m *CgroupfsManager) ContainerCgroupManager(sbParent, containerID string) (libctrCg.Manager, error)
ContainerCgroupManager takes the cgroup parent, and container ID. It returns the raw libcontainer cgroup manager for that container.
func (*CgroupfsManager) ContainerCgroupPath ¶
func (*CgroupfsManager) ContainerCgroupPath(sbParent, containerID string) string
ContainerCgroupPath takes arguments sandbox parent cgroup and container ID and returns the cgroup path for that containerID. If parentCgroup is empty, it uses the default parent /crio
func (*CgroupfsManager) ContainerCgroupStats ¶
func (m *CgroupfsManager) ContainerCgroupStats(sbParent, containerID string) (*CgroupStats, error)
ContainerCgroupStats takes the sandbox parent, and container ID. It creates a new cgroup if one does not already exist. It returns the cgroup stats for that container.
func (*CgroupfsManager) CreateSandboxCgroup ¶
func (m *CgroupfsManager) CreateSandboxCgroup(sbParent, containerID string) error
CreateSandboxCgroup calls the helper function createSandboxCgroup for this manager.
func (*CgroupfsManager) IsSystemd ¶
func (*CgroupfsManager) IsSystemd() bool
IsSystemd returns that this is not a systemd cgroup manager
func (*CgroupfsManager) MoveConmonToCgroup ¶
func (*CgroupfsManager) MoveConmonToCgroup(cid, cgroupParent, conmonCgroup string, pid int, resources *rspec.LinuxResources) (cgroupPathToClean string, _ error)
MoveConmonToCgroup takes the container ID, cgroup parent, conmon's cgroup (from the config) and conmon's PID It attempts to move conmon to the correct cgroup. It returns the cgroupfs parent that conmon was put into so that CRI-O can clean the cgroup path of the newly added conmon once the process terminates (systemd handles this for us)
func (*CgroupfsManager) Name ¶
func (*CgroupfsManager) Name() string
Name returns the name of the cgroup manager (cgroupfs)
func (*CgroupfsManager) RemoveContainerCgManager ¶
func (m *CgroupfsManager) RemoveContainerCgManager(containerID string)
RemoveContainerCgManager removes the cgroup manager for the container
func (*CgroupfsManager) RemoveSandboxCgManager ¶
func (m *CgroupfsManager) RemoveSandboxCgManager(sbID string)
RemoveSandboxCgroupManager removes the cgroup manager for the sandbox
func (*CgroupfsManager) RemoveSandboxCgroup ¶
func (m *CgroupfsManager) RemoveSandboxCgroup(sbParent, containerID string) error
RemoveSandboxCgroup calls the helper function removeSandboxCgroup for this manager.
func (*CgroupfsManager) SandboxCgroupManager ¶
func (m *CgroupfsManager) SandboxCgroupManager(sbParent, sbID string) (libctrCg.Manager, error)
SandboxCgroupManager takes the cgroup parent, and sandbox ID. It returns the raw libcontainer cgroup manager for that sandbox.
func (*CgroupfsManager) SandboxCgroupPath ¶
func (m *CgroupfsManager) SandboxCgroupPath(sbParent, sbID string, containerMinMemory int64) (cgParent, cgPath string, _ error)
SandboxCgroupPath takes the sandbox parent, sandbox ID, and container minimum memory. It returns the cgroup parent, cgroup path, and error. It also checks if enough memory is available in the given cgroup.
func (*CgroupfsManager) SandboxCgroupStats ¶
func (m *CgroupfsManager) SandboxCgroupStats(sbParent, sbID string) (*CgroupStats, error)
SandboxCgroupStats takes the sandbox parent, and sandbox ID. It creates a new cgroup for that sandbox if it does not already exist. It returns the cgroup stats for that sandbox.
type MemoryStats ¶
type MemoryStats struct { Usage uint64 Cache uint64 Limit uint64 MaxUsage uint64 WorkingSetBytes uint64 RssBytes uint64 PageFaults uint64 MajorPageFaults uint64 AvailableBytes uint64 KernelUsage uint64 KernelTCPUsage uint64 SwapUsage uint64 SwapLimit uint64 // Amount of cached filesystem data mapped with mmap(). FileMapped uint64 // The number of memory usage hits limits. For cgroup v1 only. Failcnt uint64 }
type SystemdManager ¶
type SystemdManager struct {
// contains filtered or unexported fields
}
SystemdManager is the parent type of SystemdV{1,2}Manager. it defines all of the common functionality between V1 and V2
func NewSystemdManager ¶
func NewSystemdManager() *SystemdManager
func (*SystemdManager) ContainerCgroupAbsolutePath ¶
func (m *SystemdManager) ContainerCgroupAbsolutePath(sbParent, containerID string) (string, error)
func (*SystemdManager) ContainerCgroupManager ¶
func (m *SystemdManager) ContainerCgroupManager(sbParent, containerID string) (cgroups.Manager, error)
ContainerCgroupManager takes the cgroup parent, and container ID. It returns the raw libcontainer cgroup manager for that container.
func (*SystemdManager) ContainerCgroupPath ¶
func (*SystemdManager) ContainerCgroupPath(sbParent, containerID string) string
ContainerCgroupPath takes arguments sandbox parent cgroup and container ID and returns the cgroup path for that containerID. If parentCgroup is empty, it uses the default parent system.slice
func (*SystemdManager) ContainerCgroupStats ¶
func (m *SystemdManager) ContainerCgroupStats(sbParent, containerID string) (*CgroupStats, error)
ContainerCgroupStats takes the sandbox parent, and container ID. It creates a new cgroup if one does not already exist. It returns the cgroup stats for that container.
func (*SystemdManager) CreateSandboxCgroup ¶
func (m *SystemdManager) CreateSandboxCgroup(sbParent, containerID string) error
CreateSandboxCgroup calls the helper function createSandboxCgroup for this manager. Note: createSandboxCgroup will create a cgroupfs cgroup for the infra container underneath the pod slice. It will not use dbus to create this cgroup, but instead call libcontainer's cgroupfs manager directly. This is because a scope created here will not have a process within it (as it's usually for a dropped infra container), and a slice cannot have the required `crio` prefix (while still being within the pod slice). Ultimately, this cgroup is required for cAdvisor to be able to register the pod and collect network metrics for it. This work will not be relevant when CRI-O is responsible for gathering pod metrics (KEP-2371), but is required until that's done.
func (*SystemdManager) IsSystemd ¶
func (*SystemdManager) IsSystemd() bool
IsSystemd returns that it is a systemd cgroup manager
func (*SystemdManager) MoveConmonToCgroup ¶
func (m *SystemdManager) MoveConmonToCgroup(cid, cgroupParent, conmonCgroup string, pid int, resources *rspec.LinuxResources) (cgroupPathToClean string, _ error)
MoveConmonToCgroup takes the container ID, cgroup parent, conmon's cgroup (from the config) and conmon's PID It attempts to move conmon to the correct cgroup. cgroupPathToClean should always be returned empty. It is part of the interface to return the cgroup path that cri-o is responsible for cleaning up upon the container's death. Systemd takes care of this cleaning for us, so return an empty string
func (*SystemdManager) Name ¶
func (*SystemdManager) Name() string
Name returns the name of the cgroup manager (systemd)
func (*SystemdManager) RemoveContainerCgManager ¶
func (m *SystemdManager) RemoveContainerCgManager(containerID string)
RemoveContainerCgManager removes the cgroup manager for the container
func (*SystemdManager) RemoveSandboxCgManager ¶
func (m *SystemdManager) RemoveSandboxCgManager(sbID string)
RemoveSandboxCgroupManager removes cgroup manager for the sandbox
func (*SystemdManager) RemoveSandboxCgroup ¶
func (m *SystemdManager) RemoveSandboxCgroup(sbParent, containerID string) error
RemoveSandboxCgroup calls the helper function removeSandboxCgroup for this manager.
func (*SystemdManager) SandboxCgroupManager ¶
func (m *SystemdManager) SandboxCgroupManager(sbParent, sbID string) (cgroups.Manager, error)
SandboxCgroupManager takes the cgroup parent, and sandbox ID. It returns the raw libcontainer cgroup manager for that sandbox.
func (*SystemdManager) SandboxCgroupPath ¶
func (m *SystemdManager) SandboxCgroupPath(sbParent, sbID string, containerMinMemory int64) (cgParent, cgPath string, _ error)
SandboxCgroupPath takes the sandbox parent, sandbox ID, and container minimum memory. It returns the cgroup parent, cgroup path, and error. It also checks if enough memory is available in the given cgroup.
func (*SystemdManager) SandboxCgroupStats ¶
func (m *SystemdManager) SandboxCgroupStats(sbParent, sbID string) (*CgroupStats, error)
SandboxCgroupStats takes the sandbox parent, and sandbox ID. It creates a new cgroup for that sandbox if it does not already exist. It returns the cgroup stats for that sandbox.