This patch set adds basic cgroup support to the LXC driver. It consists of
a small internal cgroup manipulation API, as well as changes to the driver
itself to utilize the support. Currently, we just set a memory limit
and the allowed devices list. The cgroup.{c,h} interface can be easily
redirected to libcgroup in the future if and when the decision to move in
that direction is made.
Some discussion on the following points is probably warranted, to help
determine how deep we want to go with this internal implementation, in terms'
of supporting complex system configurations, etc.
- What to do if controllers are mounted in multiple places
- What to do if memory and device controllers aren't present
- What to do if the root group is set for exclusive cpuset behavior
Some additional caveats are noted per-patch as well.