diff --git a/libkpod/config.go b/libkpod/config.go index c71aa314..c3e94043 100644 --- a/libkpod/config.go +++ b/libkpod/config.go @@ -5,6 +5,7 @@ import ( "io/ioutil" "github.com/BurntSushi/toml" + "github.com/kubernetes-incubator/cri-o/oci" "github.com/opencontainers/selinux/go-selinux" ) @@ -20,7 +21,7 @@ const ( apparmorProfileName = "crio-default" cniConfigDir = "/etc/cni/net.d/" cniBinDir = "/opt/cni/bin/" - cgroupManager = "cgroupfs" + cgroupManager = oci.CgroupfsCgroupsManager lockPath = "/run/crio.lock" containerExitsDir = "/var/run/kpod/exits" ) diff --git a/oci/oci.go b/oci/oci.go index d9f9e0b4..ef5027c5 100644 --- a/oci/oci.go +++ b/oci/oci.go @@ -30,6 +30,11 @@ const ( ContainerStateStopped = "stopped" // ContainerCreateTimeout represents the value of container creating timeout ContainerCreateTimeout = 10 * time.Second + + // CgroupfsCgroupsManager represents cgroupfs native cgroup manager + CgroupfsCgroupsManager = "cgroupfs" + // SystemdCgroupsManager represents systemd native cgroup manager + SystemdCgroupsManager = "systemd" ) // New creates a new Runtime with options provided @@ -141,7 +146,7 @@ func (r *Runtime) CreateContainer(c *Container, cgroupParent string) error { defer parentStartPipe.Close() var args []string - if r.cgroupManager == "systemd" { + if r.cgroupManager == SystemdCgroupsManager { args = append(args, "-s") } args = append(args, "-c", c.id) @@ -187,7 +192,7 @@ func (r *Runtime) CreateContainer(c *Container, cgroupParent string) error { childStartPipe.Close() // Move conmon to specified cgroup - if r.cgroupManager == "systemd" { + if r.cgroupManager == SystemdCgroupsManager { logrus.Infof("Running conmon under slice %s and unitName %s", cgroupParent, createUnitName("crio-conmon", c.id)) if err = utils.RunUnderSystemdScope(cmd.Process.Pid, cgroupParent, createUnitName("crio-conmon", c.id)); err != nil { logrus.Warnf("Failed to add conmon to systemd sandbox cgroup: %v", err) diff --git a/server/container_create.go b/server/container_create.go index 6c7c7754..8b2a940a 100644 --- a/server/container_create.go +++ b/server/container_create.go @@ -38,6 +38,10 @@ const ( seccompUnconfined = "unconfined" seccompRuntimeDefault = "runtime/default" seccompLocalhostPrefix = "localhost/" + + scopePrefix = "crio" + defaultCgroupfsParent = "/crio" + defaultSystemdParent = "system.slice" ) func addOCIBindMounts(sb *sandbox.Sandbox, containerConfig *pb.ContainerConfig, specgen *generate.Generator) ([]oci.ContainerVolume, error) { @@ -472,11 +476,10 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string, } var cgPath string - scopePrefix := "crio" - parent := "/crio" - useSystemd := s.config.CgroupManager == "systemd" + parent := defaultCgroupfsParent + useSystemd := s.config.CgroupManager == oci.SystemdCgroupsManager if useSystemd { - parent = "system.slice" + parent = defaultSystemdParent } if sb.CgroupParent() != "" { parent = sb.CgroupParent() diff --git a/server/sandbox_run.go b/server/sandbox_run.go index 213e1cf9..375ff082 100644 --- a/server/sandbox_run.go +++ b/server/sandbox_run.go @@ -325,7 +325,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest // setup cgroup settings cgroupParent := req.GetConfig().GetLinux().CgroupParent if cgroupParent != "" { - if s.config.CgroupManager == "systemd" { + if s.config.CgroupManager == oci.SystemdCgroupsManager { cgPath, err := convertCgroupNameToSystemd(cgroupParent, false) if err != nil { return nil, err