cgroups

package
v4.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 13, 2024 License: BSD-3-Clause Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var ErrUnitialized = errors.New("cgroups manager is not initialized")

Functions

func CanUseCgroups added in v4.1.0

func CanUseCgroups(systemd bool, warn bool) bool

CanUseCgroups checks whether it's possible to use the cgroups manager. - Host root can always use cgroups. - Rootless needs cgroups v2. - Rootless needs systemd manager. - Rootless needs DBUS_SESSION_BUS_ADDRESS and XDG_RUNTIME_DIR set properly. warn controls whether configuration problems preventing use of cgroups will be logged as warnings, or debug messages.

func DefaultPathForPid

func DefaultPathForPid(systemd bool, pid int) (group string)

DefaultPathForPid returns a default cgroup path for a given PID.

func HasDbus added in v4.1.0

func HasDbus() (bool, error)

HasDbus checks if DBUS_SESSION_BUS_ADDRESS is set, and sane. Logs unset var / non-existent target at DEBUG level.

func HasXDGRuntimeDir added in v4.1.0

func HasXDGRuntimeDir() (bool, error)

HasXDGRuntimeDir checks if XDG_Runtime_Dir is set, and sane. Logs unset var / non-existent target at DEBUG level.

func Int64ptr

func Int64ptr(i int) *int64

func LoadResources

func LoadResources(path string) (spec specs.LinuxResources, err error)

LoadResources loads a cgroups config file into a LinuxResources struct

func SaveConfig

func SaveConfig(config Config, confPath string) (err error)

SaveConfig saves a native cgroups.Config struct into a TOML file at confPath

func UnmarshalJSONResources

func UnmarshalJSONResources(data string) (*specs.LinuxResources, error)

UnmarshalJSON unmarshals a JSON string into a LinuxResources struct

Types

type Config

type Config struct {
	// Devices configures the device whitelist.
	Devices []LinuxDeviceCgroup `toml:"devices" json:"devices,omitempty"`
	// Memory restriction configuration
	Memory *LinuxMemory `toml:"memory" json:"memory,omitempty"`
	// CPU resource restriction configuration
	CPU *LinuxCPU `toml:"cpu" json:"cpu,omitempty"`
	// Task resource restriction configuration.
	Pids *LinuxPids `toml:"pids" json:"pids,omitempty"`
	// BlockIO restriction configuration
	BlockIO *LinuxBlockIO `toml:"blockIO" json:"blockIO,omitempty"`
	// Hugetlb limit (in bytes)
	HugepageLimits []LinuxHugepageLimit `toml:"hugepageLimits" json:"hugepageLimits,omitempty"`
	// Network restriction configuration
	Network *LinuxNetwork `toml:"network" json:"network,omitempty"`
	// Rdma resource restriction configuration.
	// Limits are a set of key value pairs that define RDMA resource limits,
	// where the key is device name and value is resource limits.
	Rdma map[string]LinuxRdma `toml:"rdma" json:"rdma,omitempty"`
	// Native cgroups v2 unified hierarchy resource limits.
	Unified map[string]string `toml:"unified" json:"unified,omitempty"`
}

Config has container runtime resource constraints

func LoadConfig

func LoadConfig(confPath string) (config Config, err error)

LoadConfig loads a TOML cgroups config file into our native cgroups.Config struct

func (*Config) MarshalJSON

func (c *Config) MarshalJSON() (string, error)

MarshalJSON marshals a cgroups.Config struct to a JSON string

type LinuxBlockIO

type LinuxBlockIO struct {
	// Specifies per cgroup weight
	Weight *uint16 `toml:"weight" json:"weight,omitempty"`
	// Specifies tasks' weight in the given cgroup while competing with the cgroup's child cgroups, CFQ scheduler only
	LeafWeight *uint16 `toml:"leafWeight" json:"leafWeight,omitempty"`
	// Weight per cgroup per device, can override BlkioWeight
	WeightDevice []LinuxWeightDevice `toml:"weightDevice" json:"weightDevice,omitempty"`
	// IO read rate limit per cgroup per device, bytes per second
	ThrottleReadBpsDevice []LinuxThrottleDevice `toml:"throttleReadBpsDevice" json:"throttleReadBpsDevice,omitempty"`
	// IO write rate limit per cgroup per device, bytes per second
	ThrottleWriteBpsDevice []LinuxThrottleDevice `toml:"throttleWriteBpsDevice" json:"throttleWriteBpsDevice,omitempty"`
	// IO read rate limit per cgroup per device, IO per second
	ThrottleReadIOPSDevice []LinuxThrottleDevice `toml:"throttleReadIOPSDevice" json:"throttleReadIOPSDevice,omitempty"`
	// IO write rate limit per cgroup per device, IO per second
	ThrottleWriteIOPSDevice []LinuxThrottleDevice `toml:"throttleWriteIOPSDevice" json:"throttleWriteIOPSDevice,omitempty"`
}

LinuxBlockIO for Linux cgroup 'blkio' resource management

type LinuxCPU

type LinuxCPU struct {
	// CPU shares (relative weight (ratio) vs. other cgroups with cpu shares).
	Shares *uint64 `toml:"shares" json:"shares,omitempty"`
	// CPU hardcap limit (in usecs). Allowed cpu time in a given period.
	Quota *int64 `toml:"quota" json:"quota,omitempty"`
	// CPU period to be used for hardcapping (in usecs).
	Period *uint64 `toml:"period" json:"period,omitempty"`
	// How much time realtime scheduling may use (in usecs).
	RealtimeRuntime *int64 `toml:"realtimeRuntime" json:"realtimeRuntime,omitempty"`
	// CPU period to be used for realtime scheduling (in usecs).
	RealtimePeriod *uint64 `toml:"realtimePeriod" json:"realtimePeriod,omitempty"`
	// CPUs to use within the cpuset. Default is to use any CPU available.
	Cpus string `toml:"cpus" json:"cpus,omitempty"`
	// List of memory nodes in the cpuset. Default is to use any available memory node.
	Mems string `toml:"mems" json:"mems,omitempty"`
}

LinuxCPU for Linux cgroup 'cpu' resource management

type LinuxDeviceCgroup

type LinuxDeviceCgroup struct {
	// Allow or deny
	Allow bool `toml:"allow" json:"allow" comment:"test"`
	// Device type, block, char, etc.
	Type string `toml:"type" json:"type,omitempty"`
	// Major is the device's major number.
	Major *int64 `toml:"major" json:"major,omitempty"`
	// Minor is the device's minor number.
	Minor *int64 `toml:"minor" json:"minor,omitempty"`
	// Cgroup access permissions format, rwm.
	Access string `toml:"access" json:"access,omitempty"`
}

LinuxDeviceCgroup represents a device rule for the whitelist controller

type LinuxHugepageLimit

type LinuxHugepageLimit struct {
	// Pagesize is the hugepage size
	Pagesize string `toml:"pageSize" json:"pageSize"`
	// Limit is the limit of "hugepagesize" hugetlb usage
	Limit uint64 `toml:"limit" json:"limit"`
}

LinuxHugepageLimit structure corresponds to limiting kernel hugepages

type LinuxInterfacePriority

type LinuxInterfacePriority struct {
	// Name is the name of the network interface
	Name string `toml:"name" json:"name"`
	// Priority for the interface
	Priority uint32 `toml:"priority" json:"priority"`
}

LinuxInterfacePriority for network interfaces

type LinuxMemory

type LinuxMemory struct {
	// Memory limit (in bytes).
	Limit *int64 `toml:"limit" json:"limit,omitempty"`
	// Memory reservation or soft_limit (in bytes).
	Reservation *int64 `toml:"reservation" json:"reservation,omitempty"`
	// Total memory limit (memory + swap).
	Swap *int64 `toml:"swap" json:"swap,omitempty"`
	// Kernel memory limit (in bytes).
	Kernel *int64 `toml:"kernel" json:"kernel,omitempty"`
	// Kernel memory limit for tcp (in bytes)
	KernelTCP *int64 `toml:"kernelTCP" json:"kernelTCP,omitempty"`
	// How aggressive the kernel will swap memory pages.
	Swappiness *uint64 `toml:"swappiness" json:"swappiness,omitempty"`
	// DisableOOMKiller disables the OOM killer for out of memory conditions
	DisableOOMKiller *bool `toml:"disableOOMKiller" json:"disableOOMKiller,omitempty"`
}

LinuxMemory for Linux cgroup 'memory' resource management

type LinuxNetwork

type LinuxNetwork struct {
	// Set class identifier for container's network packets
	ClassID *uint32 `toml:"classID" json:"classID,omitempty"`
	// Set priority of network traffic for container
	Priorities []LinuxInterfacePriority `toml:"priorities" json:"priorities,omitempty"`
}

LinuxNetwork identification and priority configuration

type LinuxPids

type LinuxPids struct {
	// Maximum number of PIDs. Default is "no limit".
	Limit int64 `toml:"limit" json:"limit"`
}

LinuxPids for Linux cgroup 'pids' resource management (Linux 4.3)

type LinuxRdma

type LinuxRdma struct {
	// Maximum number of HCA handles that can be opened. Default is "no limit".
	HcaHandles *uint32 `toml:"hcaHandles" json:"hcaHandles,omitempty"`
	// Maximum number of HCA objects that can be created. Default is "no limit".
	HcaObjects *uint32 `toml:"hcaObjects" json:"hcaObjects,omitempty"`
}

LinuxRdma for Linux cgroup 'rdma' resource management (Linux 4.11)

type LinuxThrottleDevice

type LinuxThrottleDevice struct {
	// Major is the device's major number.
	Major int64 `toml:"major" json:"major"`
	// Minor is the device's minor number.
	Minor int64 `toml:"minor" json:"minor"`
	// Rate is the IO rate limit per cgroup per device
	Rate uint64 `toml:"rate" json:"rate"`
}

LinuxThrottleDevice struct holds a `major:minor rate_per_second` pair

type LinuxWeightDevice

type LinuxWeightDevice struct {
	// Major is the device's major number.
	Major int64 `toml:"major" json:"major"`
	// Minor is the device's minor number.
	Minor int64 `toml:"minor" json:"minor"`
	// Weight is the bandwidth rate for the device.
	Weight *uint16 `toml:"weight" json:"weight,omitempty"`
	// LeafWeight is the bandwidth rate for the device while competing with the cgroup's child cgroups, CFQ scheduler only
	LeafWeight *uint16 `toml:"leafWeight" json:"leafWeight,omitempty"`
}

LinuxWeightDevice struct holds a `major:minor weight` pair for weightDevice

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

Manager provides functions to modify, freeze, thaw, and destroy a cgroup. Singularity's cgroups.Manager is a wrapper around runc/libcontainer/cgroups. The manager supports v1 cgroups, and v2 cgroups with a unified hierarchy. Resource specifications are handles in specs.LinuxResources format and translated to runc/libcontainer/cgroups format internally.

func GetManagerForGroup

func GetManagerForGroup(group string) (manager *Manager, err error)

GetManager returns a Manager for the provided cgroup name/path. It can only return a cgroupfs manager, as we aren't wiring back up to systemd through dbus etc.

Disable context check as it raises a warning throuch lcmanager.New, which is in a dependency we cannot modify to pass a context.

func GetManagerForPid

func GetManagerForPid(pid int) (manager *Manager, err error)

GetManagerFromPid returns a Manager for the cgroup that pid is a member of. It can only return a cgroupfs manager, as we aren't wiring back up to systemd through dbus etc.

func NewManagerWithFile

func NewManagerWithFile(specPath string, pid int, group string, systemd bool) (manager *Manager, err error)

NewManagerWithFile creates a Manager, applies the configuration at specPath, and adds pid to the cgroup. If a group name is supplied, it will be used by the manager. If group = "" then "/singularity/<pid>" is used as a default.

func NewManagerWithJSON

func NewManagerWithJSON(jsonSpec string, pid int, group string, systemd bool) (manager *Manager, err error)

NewManagerWithJSON creates a Manager, applies the JSON configuration supplied, and adds pid to the cgroup. If a group name is supplied, it will be used by the manager. If group = "" then "/singularity/<pid>" is used as a default.

func NewManagerWithSpec

func NewManagerWithSpec(spec *specs.LinuxResources, pid int, group string, systemd bool) (manager *Manager, err error)

NewManagerWithSpec creates a Manager, applies the configuration in spec, and adds pid to the cgroup. If a group name is supplied, it will be used by the manager. If group = "" then "/singularity/<pid>" is used as a default.

func (*Manager) AddProc

func (m *Manager) AddProc(pid int) (err error)

AddProc adds the process with specified pid to the managed cgroup

Disable context check as it raises a warning throuch lcmanager.New, which is in a dependency we cannot modify to pass a context.

func (*Manager) Destroy

func (m *Manager) Destroy() (err error)

Destroy deletes the managed cgroup.

func (*Manager) Freeze

func (m *Manager) Freeze() (err error)

Freeze freezes processes in the managed cgroup.

func (*Manager) GetCgroupRelPath

func (m *Manager) GetCgroupRelPath() (relPath string, err error)

GetCgroupRelPath returns the relative path of the cgroup under the mount point

func (*Manager) GetCgroupRootPath

func (m *Manager) GetCgroupRootPath() (rootPath string, err error)

GetCgroupRootPath returns the cgroups mount root path, for the managed cgroup

func (*Manager) GetStats

func (m *Manager) GetStats() (*lccgroups.Stats, error)

GetStats wraps the Manager.GetStats from runc

func (*Manager) Thaw

func (m *Manager) Thaw() (err error)

Thaw unfreezes process in the managed cgroup.

func (*Manager) UpdateFromFile

func (m *Manager) UpdateFromFile(path string) error

UpdateFromFile updates the existing managed cgroup using configuration from a toml file.

func (*Manager) UpdateFromSpec

func (m *Manager) UpdateFromSpec(resources *specs.LinuxResources) (err error)

UpdateFromSpec updates the existing managed cgroup using configuration from an OCI LinuxResources spec struct.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL