Re: [libvirt] [PATCH 09/17] libvirt-lxc: add virDomainLxcEnterCGroup API
On Wed, Apr 27, 2016 at 01:48:00PM -0400, John Ferlan wrote:
On 04/14/2016 11:22 AM, Daniel P. Berrange wrote:
> Add the virDomainLxcEnterCGroup API to the libvirt-lxc.so
> file. This method moves the calling process into the cgroups
> associated with the container.
>
> Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
> ---
> include/libvirt/libvirt-lxc.h | 2 ++
> src/libvirt-lxc.c | 47 +++++++++++++++++++++++++++++++++++++++++++
> src/libvirt_lxc.syms | 5 +++++
> 3 files changed, 54 insertions(+)
>
> diff --git a/include/libvirt/libvirt-lxc.h b/include/libvirt/libvirt-lxc.h
> index 1901fce..0d16a5c 100644
> --- a/include/libvirt/libvirt-lxc.h
> +++ b/include/libvirt/libvirt-lxc.h
> @@ -46,6 +46,8 @@ int virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
> virSecurityLabelPtr label,
> virSecurityLabelPtr oldlabel,
> unsigned int flags);
> +int virDomainLxcEnterCGroup(virDomainPtr domain,
> + unsigned int flags);
>
> # ifdef __cplusplus
> }
> diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c
> index 8553570..16e08e9 100644
> --- a/src/libvirt-lxc.c
> +++ b/src/libvirt-lxc.c
> @@ -36,6 +36,7 @@
> #ifdef WITH_APPARMOR
> # include <sys/apparmor.h>
> #endif
> +#include "vircgroup.h"
>
> #define VIR_FROM_THIS VIR_FROM_NONE
>
> @@ -269,3 +270,49 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
> virDispatchError(NULL);
> return -1;
> }
> +
> +
> +/**
> + * virDomainLxcEnterCGroup:
> + * @domain: a domain object
> + * @flags: currently unused, pass 0
> + *
> + * This API is LXC specific, so it will only work with hypervisor
> + * connections to the LXC driver.
> + *
> + * Attaches the process to the control cgroups associated
> + * with the container @domain.
> + *
> + * Returns 0 on success, -1 on error
> + */
> +int virDomainLxcEnterCGroup(virDomainPtr domain,
> + unsigned int flags)
> +{
> + virConnectPtr conn;
> + virCgroupPtr cgroup = NULL;
> +
> + VIR_DOMAIN_DEBUG(domain, "flags=%x", flags);
> +
> + virResetLastError();
> +
> + virCheckDomainReturn(domain, -1);
> + conn = domain->conn;
> +
> + virCheckReadOnlyGoto(conn->flags, error);
> + virCheckFlagsGoto(0, error);
> +
> + if (virCgroupNewDetect(domain->id, -1, &cgroup) < 0)
virCgroupNewDetect takes a pid as parameter 1
The domain->id is the pid of the libvirt_lxc process when using LXC
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|