cgmgr

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 25, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

View Source
const (
	CrioPrefix = "crio"

	DefaultCgroupManager = systemdCgroupManager
)

Variables

This section is empty.

Functions

func MemLimitGivenSystem

func MemLimitGivenSystem(cgroupLimit uint64) uint64

MemLimitGivenSystem limit returns the memory limit for a given cgroup If the configured memory limit is larger than the total memory on the sys, the physical system memory size is returned

func MoveProcessToContainerCgroup

func MoveProcessToContainerCgroup(containerPid, commandPid int) error

MoveProcessToContainerCgroup moves process to the container cgroup

func VerifyMemoryIsEnough

func VerifyMemoryIsEnough(memoryLimit, minMemory int64) error

VerifyMemoryIsEnough verifies that the cgroup memory limit is above a specified minimum memory limit.

Types

type CPUStats

type CPUStats struct {
	TotalUsageNano uint64
	PerCPUUsage    []uint64
	// Time spent by tasks of the cgroup in kernel mode in nanoseconds.
	UsageInKernelmode uint64
	// Time spent by tasks of the cgroup in user mode in nanoseconds.
	UsageInUsermode uint64
	// Number of periods with throttling active
	ThrottlingActivePeriods uint64
	// Number of periods when the container hit its throttling limit.
	ThrottledPeriods uint64
	// Aggregate time the container was throttled for in nanoseconds.
	ThrottledTime uint64
}

type CgroupManager

type CgroupManager interface {
	// String returns the name of the cgroup manager (either cgroupfs or systemd)
	Name() string
	// IsSystemd returns whether it is a systemd cgroup manager
	IsSystemd() bool
	// ContainerCgroupPath takes arguments sandbox parent cgroup and container ID and returns
	// the cgroup path for that containerID. If parentCgroup is empty, it
	// uses the default parent for that particular manager
	ContainerCgroupPath(string, string) string
	// ContainerCgroupAbsolutePath takes arguments sandbox parent cgroup and container ID and
	// returns the cgroup path on disk for that containerID. If parentCgroup is empty, it
	// uses the default parent for that particular manager
	ContainerCgroupAbsolutePath(string, string) (string, error)
	// ContainerCgroupManager takes the cgroup parent, and container ID.
	// It returns the raw libcontainer cgroup manager for that container.
	ContainerCgroupManager(sbParent, containerID string) (libctr.Manager, error)
	// RemoveContainerCgManager removes the cgroup manager for the container
	RemoveContainerCgManager(containerID string)
	// ContainerCgroupStats takes the sandbox parent, and container ID.
	// It creates a new cgroup if one does not already exist.
	// It returns the cgroup stats for that container.
	ContainerCgroupStats(sbParent, containerID string) (*CgroupStats, error)
	// SandboxCgroupPath takes the sandbox parent, and sandbox ID, and container minimum memory. It
	// returns the cgroup parent, cgroup path, and error. For systemd cgroups,
	// it also checks there is enough memory in the given cgroup
	SandboxCgroupPath(string, string, int64) (string, string, error)
	// SandboxCgroupManager takes the cgroup parent, and sandbox ID.
	// It returns the raw libcontainer cgroup manager for that sandbox.
	SandboxCgroupManager(sbParent, sbID string) (libctr.Manager, error)
	// RemoveSandboxCgroupManager removes the cgroup manager for the sandbox
	RemoveSandboxCgManager(sbID string)
	// MoveConmonToCgroup takes the container ID, cgroup parent, conmon's cgroup (from the config), conmon's PID, and some customized resources
	// It attempts to move conmon to the correct cgroup, and set the resources for that cgroup.
	// It returns the cgroupfs parent that conmon was put into
	// so that CRI-O can clean the parent cgroup of the newly added conmon once the process terminates (systemd handles this for us)
	MoveConmonToCgroup(cid, cgroupParent, conmonCgroup string, pid int, resources *rspec.LinuxResources) (string, error)
	// CreateSandboxCgroup takes the sandbox parent, and sandbox ID.
	// It creates a new cgroup for that sandbox, which is useful when spoofing an infra container.
	CreateSandboxCgroup(sbParent, containerID string) error
	// RemoveSandboxCgroup takes the sandbox parent, and sandbox ID.
	// It removes the cgroup for that sandbox, which is useful when spoofing an infra container.
	RemoveSandboxCgroup(sbParent, containerID string) error
	// SandboxCgroupStats takes the sandbox parent, and sandbox ID.
	// It creates a new cgroup for that sandbox if it does not already exist.
	// It returns the cgroup stats for that sandbox.
	SandboxCgroupStats(sbParent, sbID string) (*CgroupStats, error)
}

CgroupManager is an interface to interact with cgroups on a node. CRI-O is configured at startup to either use systemd or cgroupfs, and the node itself is booted with cgroup v1, or cgroup v2. CgroupManager is an interface for the CRI-O server to use cgroups, regardless of how it or the node was configured.

func New

func New() CgroupManager

New creates a new CgroupManager with defaults

func SetCgroupManager

func SetCgroupManager(cgroupManager string) (CgroupManager, error)

SetCgroupManager takes a string and branches on it to return the type of cgroup manager configured

type CgroupStats

type CgroupStats struct {
	Memory     *MemoryStats
	CPU        *CPUStats
	Pid        *PidsStats
	SystemNano int64
}

This is a universal stats object to be used across different runtime implementations. We could have used the libcontainer/cgroups.Stats object as a standard stats object for cri-o. But due to it's incompatibility with non-linux platforms, we have to create our own object that can be moved around regardless of the runtime.

type CgroupfsManager

type CgroupfsManager struct {
	// contains filtered or unexported fields
}

CgroupfsManager defines functionality whrn **** TODO: Update this

func (*CgroupfsManager) ContainerCgroupAbsolutePath

func (m *CgroupfsManager) ContainerCgroupAbsolutePath(sbParent, containerID string) (string, error)

ContainerCgroupAbsolutePath just calls ContainerCgroupPath, because they both return the absolute path

func (*CgroupfsManager) ContainerCgroupManager

func (m *CgroupfsManager) ContainerCgroupManager(sbParent, containerID string) (libctrCg.Manager, error)

ContainerCgroupManager takes the cgroup parent, and container ID. It returns the raw libcontainer cgroup manager for that container.

func (*CgroupfsManager) ContainerCgroupPath

func (*CgroupfsManager) ContainerCgroupPath(sbParent, containerID string) string

ContainerCgroupPath takes arguments sandbox parent cgroup and container ID and returns the cgroup path for that containerID. If parentCgroup is empty, it uses the default parent /crio

func (*CgroupfsManager) ContainerCgroupStats

func (m *CgroupfsManager) ContainerCgroupStats(sbParent, containerID string) (*CgroupStats, error)

ContainerCgroupStats takes the sandbox parent, and container ID. It creates a new cgroup if one does not already exist. It returns the cgroup stats for that container.

func (*CgroupfsManager) CreateSandboxCgroup

func (m *CgroupfsManager) CreateSandboxCgroup(sbParent, containerID string) error

CreateSandboxCgroup calls the helper function createSandboxCgroup for this manager.

func (*CgroupfsManager) IsSystemd

func (*CgroupfsManager) IsSystemd() bool

IsSystemd returns that this is not a systemd cgroup manager

func (*CgroupfsManager) MoveConmonToCgroup

func (*CgroupfsManager) MoveConmonToCgroup(cid, cgroupParent, conmonCgroup string, pid int, resources *rspec.LinuxResources) (cgroupPathToClean string, _ error)

MoveConmonToCgroup takes the container ID, cgroup parent, conmon's cgroup (from the config) and conmon's PID It attempts to move conmon to the correct cgroup. It returns the cgroupfs parent that conmon was put into so that CRI-O can clean the cgroup path of the newly added conmon once the process terminates (systemd handles this for us)

func (*CgroupfsManager) Name

func (*CgroupfsManager) Name() string

Name returns the name of the cgroup manager (cgroupfs)

func (*CgroupfsManager) RemoveContainerCgManager

func (m *CgroupfsManager) RemoveContainerCgManager(containerID string)

RemoveContainerCgManager removes the cgroup manager for the container

func (*CgroupfsManager) RemoveSandboxCgManager

func (m *CgroupfsManager) RemoveSandboxCgManager(sbID string)

RemoveSandboxCgroupManager removes the cgroup manager for the sandbox

func (*CgroupfsManager) RemoveSandboxCgroup

func (m *CgroupfsManager) RemoveSandboxCgroup(sbParent, containerID string) error

RemoveSandboxCgroup calls the helper function removeSandboxCgroup for this manager.

func (*CgroupfsManager) SandboxCgroupManager

func (m *CgroupfsManager) SandboxCgroupManager(sbParent, sbID string) (libctrCg.Manager, error)

SandboxCgroupManager takes the cgroup parent, and sandbox ID. It returns the raw libcontainer cgroup manager for that sandbox.

func (*CgroupfsManager) SandboxCgroupPath

func (m *CgroupfsManager) SandboxCgroupPath(sbParent, sbID string, containerMinMemory int64) (cgParent, cgPath string, _ error)

SandboxCgroupPath takes the sandbox parent, sandbox ID, and container minimum memory. It returns the cgroup parent, cgroup path, and error. It also checks if enough memory is available in the given cgroup.

func (*CgroupfsManager) SandboxCgroupStats

func (m *CgroupfsManager) SandboxCgroupStats(sbParent, sbID string) (*CgroupStats, error)

SandboxCgroupStats takes the sandbox parent, and sandbox ID. It creates a new cgroup for that sandbox if it does not already exist. It returns the cgroup stats for that sandbox.

type MemoryStats

type MemoryStats struct {
	Usage           uint64
	Cache           uint64
	Limit           uint64
	MaxUsage        uint64
	WorkingSetBytes uint64
	RssBytes        uint64
	PageFaults      uint64
	MajorPageFaults uint64
	AvailableBytes  uint64
	KernelUsage     uint64
	KernelTCPUsage  uint64
	SwapUsage       uint64
	SwapLimit       uint64
	// Amount of cached filesystem data mapped with mmap().
	FileMapped uint64
	// The number of memory usage hits limits. For cgroup v1 only.
	Failcnt uint64
}

type PidsStats

type PidsStats struct {
	Current uint64
	Limit   uint64
}

type SystemdManager

type SystemdManager struct {
	// contains filtered or unexported fields
}

SystemdManager is the parent type of SystemdV{1,2}Manager. it defines all of the common functionality between V1 and V2

func NewSystemdManager

func NewSystemdManager() *SystemdManager

func (*SystemdManager) ContainerCgroupAbsolutePath

func (m *SystemdManager) ContainerCgroupAbsolutePath(sbParent, containerID string) (string, error)

func (*SystemdManager) ContainerCgroupManager

func (m *SystemdManager) ContainerCgroupManager(sbParent, containerID string) (cgroups.Manager, error)

ContainerCgroupManager takes the cgroup parent, and container ID. It returns the raw libcontainer cgroup manager for that container.

func (*SystemdManager) ContainerCgroupPath

func (*SystemdManager) ContainerCgroupPath(sbParent, containerID string) string

ContainerCgroupPath takes arguments sandbox parent cgroup and container ID and returns the cgroup path for that containerID. If parentCgroup is empty, it uses the default parent system.slice

func (*SystemdManager) ContainerCgroupStats

func (m *SystemdManager) ContainerCgroupStats(sbParent, containerID string) (*CgroupStats, error)

ContainerCgroupStats takes the sandbox parent, and container ID. It creates a new cgroup if one does not already exist. It returns the cgroup stats for that container.

func (*SystemdManager) CreateSandboxCgroup

func (m *SystemdManager) CreateSandboxCgroup(sbParent, containerID string) error

CreateSandboxCgroup calls the helper function createSandboxCgroup for this manager. Note: createSandboxCgroup will create a cgroupfs cgroup for the infra container underneath the pod slice. It will not use dbus to create this cgroup, but instead call libcontainer's cgroupfs manager directly. This is because a scope created here will not have a process within it (as it's usually for a dropped infra container), and a slice cannot have the required `crio` prefix (while still being within the pod slice). Ultimately, this cgroup is required for cAdvisor to be able to register the pod and collect network metrics for it. This work will not be relevant when CRI-O is responsible for gathering pod metrics (KEP-2371), but is required until that's done.

func (*SystemdManager) IsSystemd

func (*SystemdManager) IsSystemd() bool

IsSystemd returns that it is a systemd cgroup manager

func (*SystemdManager) MoveConmonToCgroup

func (m *SystemdManager) MoveConmonToCgroup(cid, cgroupParent, conmonCgroup string, pid int, resources *rspec.LinuxResources) (cgroupPathToClean string, _ error)

MoveConmonToCgroup takes the container ID, cgroup parent, conmon's cgroup (from the config) and conmon's PID It attempts to move conmon to the correct cgroup. cgroupPathToClean should always be returned empty. It is part of the interface to return the cgroup path that cri-o is responsible for cleaning up upon the container's death. Systemd takes care of this cleaning for us, so return an empty string

func (*SystemdManager) Name

func (*SystemdManager) Name() string

Name returns the name of the cgroup manager (systemd)

func (*SystemdManager) RemoveContainerCgManager

func (m *SystemdManager) RemoveContainerCgManager(containerID string)

RemoveContainerCgManager removes the cgroup manager for the container

func (*SystemdManager) RemoveSandboxCgManager

func (m *SystemdManager) RemoveSandboxCgManager(sbID string)

RemoveSandboxCgroupManager removes cgroup manager for the sandbox

func (*SystemdManager) RemoveSandboxCgroup

func (m *SystemdManager) RemoveSandboxCgroup(sbParent, containerID string) error

RemoveSandboxCgroup calls the helper function removeSandboxCgroup for this manager.

func (*SystemdManager) SandboxCgroupManager

func (m *SystemdManager) SandboxCgroupManager(sbParent, sbID string) (cgroups.Manager, error)

SandboxCgroupManager takes the cgroup parent, and sandbox ID. It returns the raw libcontainer cgroup manager for that sandbox.

func (*SystemdManager) SandboxCgroupPath

func (m *SystemdManager) SandboxCgroupPath(sbParent, sbID string, containerMinMemory int64) (cgParent, cgPath string, _ error)

SandboxCgroupPath takes the sandbox parent, sandbox ID, and container minimum memory. It returns the cgroup parent, cgroup path, and error. It also checks if enough memory is available in the given cgroup.

func (*SystemdManager) SandboxCgroupStats

func (m *SystemdManager) SandboxCgroupStats(sbParent, sbID string) (*CgroupStats, error)

SandboxCgroupStats takes the sandbox parent, and sandbox ID. It creates a new cgroup for that sandbox if it does not already exist. It returns the cgroup stats for that sandbox.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL