Documentation ¶
Index ¶
- func CreateCgroups(root string, enabledCgroups map[int][]string, mountContext string) error
- func GetCgroupPathByPid(pid int, controller string) (string, error)
- func GetControllerDirs(cgroups map[int][]string) []string
- func GetEnabledCgroups() (map[int][]string, error)
- func GetOwnCgroupPath(controller string) (string, error)
- func IsControllerMounted(c string) bool
- func IsIsolatorSupported(isolator string) bool
- func JoinSubcgroup(controller string, subcgroup string) error
- func MaybeAddIsolator(opts []*unit.UnitOption, isolator string, limit *resource.Quantity) ([]*unit.UnitOption, error)
- func RemountCgroupsRO(root string, enabledCgroups map[int][]string, subcgroup string, ...) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateCgroups ¶
CreateCgroups mounts the cgroup controllers hierarchy in /sys/fs/cgroup under root
func GetCgroupPathByPid ¶ added in v1.3.0
GetCgroupPathByPid returns the cgroup path of the process with the given pid and given controller.
func GetControllerDirs ¶ added in v0.9.0
GetControllerDirs takes a map with the enabled cgroup controllers grouped by hierarchy and returns the directory names as they should be in /sys/fs/cgroup
func GetEnabledCgroups ¶ added in v0.9.0
GetEnabledCgroups returns a map with the enabled cgroup controllers grouped by hierarchy
func GetOwnCgroupPath ¶
GetOwnCgroupPath returns the cgroup path of this process in controller hierarchy
func IsControllerMounted ¶ added in v0.9.0
IsControllerMounted returns whether a controller is mounted by checking that cgroup.procs is accessible
func IsIsolatorSupported ¶
IsIsolatorSupported returns whether an isolator is supported in the kernel
func JoinSubcgroup ¶ added in v0.9.0
JoinCgroup makes the calling process join the subcgroup hierarchy on a particular controller
func MaybeAddIsolator ¶
func MaybeAddIsolator(opts []*unit.UnitOption, isolator string, limit *resource.Quantity) ([]*unit.UnitOption, error)
MaybeAddIsolator considers the given isolator; if the type is known (i.e. IsIsolatorSupported is true) and the limit is non-nil, the supplied opts will be extended with an appropriate option implementing the desired isolation.
func RemountCgroupsRO ¶ added in v0.9.0
func RemountCgroupsRO(root string, enabledCgroups map[int][]string, subcgroup string, serviceNames []string) error
RemountCgroupsRO remounts the cgroup hierarchy under root read-only, leaving the needed knobs in the subcgroup for each app read-write so the systemd inside stage1 can apply isolators to them
Types ¶
This section is empty.