*: constify cgroups stuff
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca
parent
c199f63dba
commit
f51ca87857
4 changed files with 17 additions and 8 deletions
|
|
@ -5,6 +5,7 @@ import (
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
|
||||||
"github.com/BurntSushi/toml"
|
"github.com/BurntSushi/toml"
|
||||||
|
"github.com/kubernetes-incubator/cri-o/oci"
|
||||||
"github.com/opencontainers/selinux/go-selinux"
|
"github.com/opencontainers/selinux/go-selinux"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -20,7 +21,7 @@ const (
|
||||||
apparmorProfileName = "crio-default"
|
apparmorProfileName = "crio-default"
|
||||||
cniConfigDir = "/etc/cni/net.d/"
|
cniConfigDir = "/etc/cni/net.d/"
|
||||||
cniBinDir = "/opt/cni/bin/"
|
cniBinDir = "/opt/cni/bin/"
|
||||||
cgroupManager = "cgroupfs"
|
cgroupManager = oci.CgroupfsCgroupsManager
|
||||||
lockPath = "/run/crio.lock"
|
lockPath = "/run/crio.lock"
|
||||||
containerExitsDir = "/var/run/kpod/exits"
|
containerExitsDir = "/var/run/kpod/exits"
|
||||||
)
|
)
|
||||||
|
|
|
||||||
|
|
@ -30,6 +30,11 @@ const (
|
||||||
ContainerStateStopped = "stopped"
|
ContainerStateStopped = "stopped"
|
||||||
// ContainerCreateTimeout represents the value of container creating timeout
|
// ContainerCreateTimeout represents the value of container creating timeout
|
||||||
ContainerCreateTimeout = 10 * time.Second
|
ContainerCreateTimeout = 10 * time.Second
|
||||||
|
|
||||||
|
// CgroupfsCgroupsManager represents cgroupfs native cgroup manager
|
||||||
|
CgroupfsCgroupsManager = "cgroupfs"
|
||||||
|
// SystemdCgroupsManager represents systemd native cgroup manager
|
||||||
|
SystemdCgroupsManager = "systemd"
|
||||||
)
|
)
|
||||||
|
|
||||||
// New creates a new Runtime with options provided
|
// New creates a new Runtime with options provided
|
||||||
|
|
@ -141,7 +146,7 @@ func (r *Runtime) CreateContainer(c *Container, cgroupParent string) error {
|
||||||
defer parentStartPipe.Close()
|
defer parentStartPipe.Close()
|
||||||
|
|
||||||
var args []string
|
var args []string
|
||||||
if r.cgroupManager == "systemd" {
|
if r.cgroupManager == SystemdCgroupsManager {
|
||||||
args = append(args, "-s")
|
args = append(args, "-s")
|
||||||
}
|
}
|
||||||
args = append(args, "-c", c.id)
|
args = append(args, "-c", c.id)
|
||||||
|
|
@ -187,7 +192,7 @@ func (r *Runtime) CreateContainer(c *Container, cgroupParent string) error {
|
||||||
childStartPipe.Close()
|
childStartPipe.Close()
|
||||||
|
|
||||||
// Move conmon to specified cgroup
|
// Move conmon to specified cgroup
|
||||||
if r.cgroupManager == "systemd" {
|
if r.cgroupManager == SystemdCgroupsManager {
|
||||||
logrus.Infof("Running conmon under slice %s and unitName %s", cgroupParent, createUnitName("crio-conmon", c.id))
|
logrus.Infof("Running conmon under slice %s and unitName %s", cgroupParent, createUnitName("crio-conmon", c.id))
|
||||||
if err = utils.RunUnderSystemdScope(cmd.Process.Pid, cgroupParent, createUnitName("crio-conmon", c.id)); err != nil {
|
if err = utils.RunUnderSystemdScope(cmd.Process.Pid, cgroupParent, createUnitName("crio-conmon", c.id)); err != nil {
|
||||||
logrus.Warnf("Failed to add conmon to systemd sandbox cgroup: %v", err)
|
logrus.Warnf("Failed to add conmon to systemd sandbox cgroup: %v", err)
|
||||||
|
|
|
||||||
|
|
@ -38,6 +38,10 @@ const (
|
||||||
seccompUnconfined = "unconfined"
|
seccompUnconfined = "unconfined"
|
||||||
seccompRuntimeDefault = "runtime/default"
|
seccompRuntimeDefault = "runtime/default"
|
||||||
seccompLocalhostPrefix = "localhost/"
|
seccompLocalhostPrefix = "localhost/"
|
||||||
|
|
||||||
|
scopePrefix = "crio"
|
||||||
|
defaultCgroupfsParent = "/crio"
|
||||||
|
defaultSystemdParent = "system.slice"
|
||||||
)
|
)
|
||||||
|
|
||||||
func addOCIBindMounts(sb *sandbox.Sandbox, containerConfig *pb.ContainerConfig, specgen *generate.Generator) ([]oci.ContainerVolume, error) {
|
func addOCIBindMounts(sb *sandbox.Sandbox, containerConfig *pb.ContainerConfig, specgen *generate.Generator) ([]oci.ContainerVolume, error) {
|
||||||
|
|
@ -472,11 +476,10 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
|
||||||
}
|
}
|
||||||
|
|
||||||
var cgPath string
|
var cgPath string
|
||||||
scopePrefix := "crio"
|
parent := defaultCgroupfsParent
|
||||||
parent := "/crio"
|
useSystemd := s.config.CgroupManager == oci.SystemdCgroupsManager
|
||||||
useSystemd := s.config.CgroupManager == "systemd"
|
|
||||||
if useSystemd {
|
if useSystemd {
|
||||||
parent = "system.slice"
|
parent = defaultSystemdParent
|
||||||
}
|
}
|
||||||
if sb.CgroupParent() != "" {
|
if sb.CgroupParent() != "" {
|
||||||
parent = sb.CgroupParent()
|
parent = sb.CgroupParent()
|
||||||
|
|
|
||||||
|
|
@ -325,7 +325,7 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
|
||||||
// setup cgroup settings
|
// setup cgroup settings
|
||||||
cgroupParent := req.GetConfig().GetLinux().CgroupParent
|
cgroupParent := req.GetConfig().GetLinux().CgroupParent
|
||||||
if cgroupParent != "" {
|
if cgroupParent != "" {
|
||||||
if s.config.CgroupManager == "systemd" {
|
if s.config.CgroupManager == oci.SystemdCgroupsManager {
|
||||||
cgPath, err := convertCgroupNameToSystemd(cgroupParent, false)
|
cgPath, err := convertCgroupNameToSystemd(cgroupParent, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue