11:32 a.m.
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Currently the LXC controller creates the cgroup, configures the
resources and adds the task all in one go. This is not sufficiently
flexible for the forthcoming NBD integration. We need to make sure
the NBD process gets into the right cgroup immediately, but we can
not have limits (in particular the device ACL) applied at the point
where we start qemu-nbd. So create a virLXCCgroupCreate method
which creates the cgroup and adds the current ask to be called
early, and leave virLXCCgroupSetup to only do resource config.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/lxc/lxc_cgroup.c | 39 +++++++++++++++++++++++++++------------
src/lxc/lxc_cgroup.h | 4 +++-
src/lxc/lxc_controller.c | 12 +++++++++---
3 files changed, 39 insertions(+), 16 deletions(-)
diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
index a075335..fa47229 100644
--- a/src/lxc/lxc_cgroup.c
+++ b/src/lxc/lxc_cgroup.c
@@ -472,7 +472,7 @@ cleanup:
}
-int virLXCCgroupSetup(virDomainDefPtr def)
+virCgroupPtr virLXCCgroupCreate(virDomainDefPtr def)
{
virCgroupPtr driver = NULL;
virCgroupPtr cgroup = NULL;
@@ -494,6 +494,32 @@ int virLXCCgroupSetup(virDomainDefPtr def)
goto cleanup;
}
+ rc = virCgroupAddTask(cgroup, getpid());
+ if (rc != 0) {
+ virReportSystemError(-rc,
+ _("Unable to add task %d to cgroup for domain
%s"),
+ getpid(), def->name);
+ goto cleanup;
+ }
+
+ ret = 0;
+
+cleanup:
+ virCgroupFree(&driver);
+ if (ret < 0) {
+ virCgroupFree(&cgroup);
+ return NULL;
+ }
+
+ return cgroup;
+}
+
+
+int virLXCCgroupSetup(virDomainDefPtr def,
+ virCgroupPtr cgroup)
+{
+ int ret = -1;
+
if (virLXCCgroupSetupCpuTune(def, cgroup) < 0)
goto cleanup;
@@ -506,19 +532,8 @@ int virLXCCgroupSetup(virDomainDefPtr def)
if (virLXCCgroupSetupDeviceACL(def, cgroup) < 0)
goto cleanup;
- rc = virCgroupAddTask(cgroup, getpid());
- if (rc != 0) {
- virReportSystemError(-rc,
- _("Unable to add task %d to cgroup for domain
%s"),
- getpid(), def->name);
- goto cleanup;
- }
-
ret = 0;
cleanup:
- virCgroupFree(&cgroup);
- virCgroupFree(&driver);
-
return ret;
}
diff --git a/src/lxc/lxc_cgroup.h b/src/lxc/lxc_cgroup.h
index fff554b..18f54e6 100644
--- a/src/lxc/lxc_cgroup.h
+++ b/src/lxc/lxc_cgroup.h
@@ -26,7 +26,9 @@
# include "lxc_fuse.h"
# include "virusb.h"
-int virLXCCgroupSetup(virDomainDefPtr def);
+virCgroupPtr virLXCCgroupCreate(virDomainDefPtr def);
+int virLXCCgroupSetup(virDomainDefPtr def,
+ virCgroupPtr cgroup);
int virLXCCgroupGetMeminfo(virLXCMeminfoPtr meminfo);
int
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index becf811..1508b9c 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -628,7 +628,8 @@ static int virLXCControllerSetupCpuAffinity(virLXCControllerPtr ctrl)
*
* Returns 0 on success or -1 in case of error
*/
-static int virLXCControllerSetupResourceLimits(virLXCControllerPtr ctrl)
+static int virLXCControllerSetupResourceLimits(virLXCControllerPtr ctrl,
+ virCgroupPtr cgroup)
{
if (virLXCControllerSetupCpuAffinity(ctrl) < 0)
@@ -637,7 +638,7 @@ static int virLXCControllerSetupResourceLimits(virLXCControllerPtr
ctrl)
if (virLXCControllerSetupNUMAPolicy(ctrl) < 0)
return -1;
- return virLXCCgroupSetup(ctrl->def);
+ return virLXCCgroupSetup(ctrl->def, cgroup);
}
@@ -1473,6 +1474,7 @@ virLXCControllerRun(virLXCControllerPtr ctrl)
int containerhandshake[2] = { -1, -1 };
char **containerTTYPaths = NULL;
size_t i;
+ virCgroupPtr cgroup = NULL;
if (VIR_ALLOC_N(containerTTYPaths, ctrl->nconsoles) < 0) {
virReportOOMError();
@@ -1494,10 +1496,13 @@ virLXCControllerRun(virLXCControllerPtr ctrl)
if (virLXCControllerSetupPrivateNS() < 0)
goto cleanup;
+ if (!(cgroup = virLXCCgroupCreate(ctrl->def)))
+ goto cleanup;
+
if (virLXCControllerSetupLoopDevices(ctrl) < 0)
goto cleanup;
- if (virLXCControllerSetupResourceLimits(ctrl) < 0)
+ if (virLXCControllerSetupResourceLimits(ctrl, cgroup) < 0)
goto cleanup;
if (virLXCControllerSetupDevPTS(ctrl) < 0)
@@ -1570,6 +1575,7 @@ cleanup:
VIR_FREE(containerTTYPaths[i]);
VIR_FREE(containerTTYPaths);
+ virCgroupFree(&cgroup);
virLXCControllerStopInit(ctrl);
return rc;
--
1.7.11.7