Skip to content

cgroups: set memory cgroups in Set #495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hqhq merged 1 commit into from
Jan 22, 2016
Merged

cgroups: set memory cgroups in Set #495

hqhq merged 1 commit into from
Jan 22, 2016

Conversation

@cyphar
Copy link
Member

@cyphar cyphar commented Jan 21, 2016

Modify the memory cgroup code such that kmem is not managed by Set(), in
order to allow updating of memory constraints for containers by Docker.
This also removes the need to make memory a special case cgroup.

Signed-off-by: Aleksa Sarai asarai@suse.com

This is split from #470:

The other issue is fixed by #495:

  • Updating a container doesn't work for the memory cgroup, causing docker update tests to fail. This was caused by my commit f36ed4b174bb7e8951db6b61e2202a45a7251e30.

/cc @crosbymichael @mrunalp @dqminh @LK4D4

@cyphar
cgroups: set memory cgroups in Set
75e38f9 
Modify the memory cgroup code such that kmem is not managed by Set(), in
order to allow updating of memory constraints for containers by Docker.
This also removes the need to make memory a special case cgroup.

Signed-off-by: Aleksa Sarai <asarai@suse.com>
@cyphar cyphar mentioned this pull request Jan 21, 2016
Closed
@crosbymichael
Copy link
Member

crosbymichael commented Jan 21, 2016

LGTM

1 similar comment
@hqhq
Copy link
Contributor

hqhq commented Jan 22, 2016

LGTM

hqhq added a commit that referenced this pull request Jan 22, 2016
@hqhq
Merge pull request #495 from cyphar/fix-memcg-set
20c678e 
cgroups: set memory cgroups in Set
@hqhq hqhq merged commit 20c678e into opencontainers:master Jan 22, 2016
@cyphar cyphar deleted the fix-memcg-set branch January 22, 2016 02:58
stefanberger pushed a commit to stefanberger/runc that referenced this pull request Sep 8, 2017
@crosbymichael
Merge pull request opencontainers#495 from grahamwhaley/fix-bullet-in…
6de52a7 
…dent

runtime.md: Fix sub-bullet indentation
stefanberger pushed a commit to stefanberger/runc that referenced this pull request Sep 8, 2017
@wking
config: Shift oomScoreAdj from linux.resources to process
4b49c64 
The only discussion related to this is in [1,2], where the
relationship between oomScoreAdj and disableOOMKiller is raised. But
since 429f936 (Adding cgroups path to the Spec, 2015-09-02, opencontainers#137)
resources has been tied to cgroups, and oomScoreAdj is not about
cgroups.  For example, we currently have (in config-linux.md):

  You can configure a container's cgroups via the resources field of
  the Linux configuration.

I suggested we move the property from linux.resources.oomScoreAdj to
linux.oomScoreAdj so config authors and runtimes don't have to worry
about what cgroupsPath means if the only entry in resources is
oomScoreAdj.  Michael responded with [4]:

  If anything it should probably go on the process

So that's what this commit does.

I've gone with the four-space indents here to keep Pandoc happy (see
7795661 (runtime.md: Fix sub-bullet indentation, 2016-06-08, opencontainers#495),
but have left the existing entries in this list unchanged to reduce
churn.

[1]: opencontainers/runtime-spec#236
[2]: opencontainers/runtime-spec#292
[3]: opencontainers/runtime-spec#137
[4]: opencontainers/runtime-spec#782 (comment)

Signed-off-by: W. Trevor King <wking@tremily.us>
stefanberger pushed a commit to stefanberger/runc that referenced this pull request Sep 8, 2017
@wking @dqminh
config: Make capabilities and noNewPrivileges Linux-only (again)
717af41 
Roll back the genericization from 718f9f3 (minor narrative cleanup
regarding config compatibility, 2017-01-30, opencontainers#673).  Lifting the
restriction there seems to have been motivated by "Solaris supports
capabilities", but that was before the split into a capabilities
object which happened in eb114f0 (Add ambient and bounding capability
support, 2017-02-02, opencontainers#675).  It's not clear if Solaris supports
ambient caps, or what Solaris API noNewPrivileges were punting to [1].
And John Howard has recently confirmed that Windows does not support
capabilities and is unlikely to do so in the future [2].  He also
confirmed that Windows does not support rlimits [3].  John's statement
didn't directly address noNewPrivileges, but we can always restore any
of these properties to the Solaris/Windows platforms if/when we get
docs about which API we're punting to on those platforms.

Also add some backticks, remove the hyphens in "OPTIONAL) - the",
standardize lines I touch to use "the process" [4], and use four-space
indents here to keep Pandoc happy (see 7795661 (runtime.md: Fix
sub-bullet indentation, 2016-06-08, opencontainers#495).

[1]: opencontainers/runtime-spec#673 (comment)
[2]: opencontainers/runtime-spec#810 (comment)
[3]: opencontainers/runtime-spec#835 (comment)
[4]: opencontainers/runtime-spec#809 (comment)

Signed-off-by: W. Trevor King <wking@tremily.us>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

status/0-triage

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cyphar @crosbymichael @hqhq @GordonTheTurtle