virtcontainers: save CgroupPaths and Cgroups in sandbox

`CgroupPaths` is a map that saves the cgroup type and path that were used for the sandbox to create the cgroups `Cgroups` contains information about sandbox's cgroups and its constraints. Both variables can be used to create a cgroup configuration needed to manipulate cgroups in the host. currently kata uses `containerd/cgroups` and `libcontainer` to create cgroups. `CgroupPaths` will replace to `CgroupPath` once kata uses *only* `libcontainer` Signed-off-by: Julio Montes <[email protected]>
kata-containers · Jan 15, 2020 · 4126968 · 4126968
1 parent a170d00
commit 4126968
Show file tree

Hide file tree

Showing 5 changed files with 22 additions and 0 deletions.
diff --git a/virtcontainers/persist.go b/virtcontainers/persist.go
@@ -37,6 +37,7 @@ func (s *Sandbox) dumpState(ss *persistapi.SandboxState, cs map[string]persistap
 	ss.GuestMemoryHotplugProbe = s.state.GuestMemoryHotplugProbe
 	ss.State = string(s.state.State)
 	ss.CgroupPath = s.state.CgroupPath
+	ss.CgroupPaths = s.state.CgroupPaths
 
 	for id, cont := range s.containers {
 		state := persistapi.ContainerState{}
@@ -198,6 +199,7 @@ func (s *Sandbox) dumpConfig(ss *persistapi.SandboxState) {
 		SystemdCgroup:       sconfig.SystemdCgroup,
 		SandboxCgroupOnly:   sconfig.SandboxCgroupOnly,
 		DisableGuestSeccomp: sconfig.DisableGuestSeccomp,
+		Cgroups:             sconfig.Cgroups,
 	}
 
 	for _, e := range sconfig.Experimental {
@@ -317,6 +319,7 @@ func (s *Sandbox) loadState(ss persistapi.SandboxState) {
 	s.state.BlockIndex = ss.HypervisorState.BlockIndex
 	s.state.State = types.StateString(ss.State)
 	s.state.CgroupPath = ss.CgroupPath
+	s.state.CgroupPaths = ss.CgroupPaths
 	s.state.GuestMemoryHotplugProbe = ss.GuestMemoryHotplugProbe
 }
 
@@ -480,6 +483,7 @@ func loadSandboxConfig(id string) (*SandboxConfig, error) {
 		SystemdCgroup:       savedConf.SystemdCgroup,
 		SandboxCgroupOnly:   savedConf.SandboxCgroupOnly,
 		DisableGuestSeccomp: savedConf.DisableGuestSeccomp,
+		Cgroups:             savedConf.Cgroups,
 	}
 
 	for _, name := range savedConf.Experimental {

diff --git a/virtcontainers/persist/api/config.go b/virtcontainers/persist/api/config.go
@@ -7,6 +7,7 @@
 package persistapi
 
 import (
+	"github.com/opencontainers/runc/libcontainer/configs"
 	specs "github.com/opencontainers/runtime-spec/specs-go"
 )
 
@@ -247,4 +248,8 @@ type SandboxConfig struct {
 	//				a specific field
 
 	ContainerConfigs []ContainerConfig
+
+	// Cgroups specifies specific cgroup settings for the various subsystems that the container is
+	// placed into to limit the resources the container has available
+	Cgroups *configs.Cgroup `json:"cgroups"`
 }
diff --git a/virtcontainers/persist/api/sandbox.go b/virtcontainers/persist/api/sandbox.go
@@ -40,6 +40,10 @@ type SandboxState struct {
 	// FIXME: sandbox can reuse "SandboxContainer"'s CgroupPath so we can remove this field.
 	CgroupPath string
 
+	// CgroupPath is the cgroup hierarchy where sandbox's processes
+	// including the hypervisor are placed.
+	CgroupPaths map[string]string
+
 	// Devices plugged to sandbox(hypervisor)
 	Devices []DeviceState
 

diff --git a/virtcontainers/sandbox.go b/virtcontainers/sandbox.go
@@ -19,6 +19,7 @@ import (
 
 	"github.com/containerd/cgroups"
 	"github.com/containernetworking/plugins/pkg/ns"
+	"github.com/opencontainers/runc/libcontainer/configs"
 	specs "github.com/opencontainers/runtime-spec/specs-go"
 	opentracing "github.com/opentracing/opentracing-go"
 	"github.com/pkg/errors"
@@ -124,6 +125,10 @@ type SandboxConfig struct {
 
 	// Experimental features enabled
 	Experimental []exp.Feature
+
+	// Cgroups specifies specific cgroup settings for the various subsystems that the container is
+	// placed into to limit the resources the container has available
+	Cgroups *configs.Cgroup `json:"cgroups"`
 }
 
 func (s *Sandbox) trace(name string) (opentracing.Span, context.Context) {

diff --git a/virtcontainers/types/sandbox.go b/virtcontainers/types/sandbox.go
@@ -52,6 +52,10 @@ type SandboxState struct {
 	// including the hypervisor are placed.
 	CgroupPath string `json:"cgroupPath,omitempty"`
 
+	// Path to all the cgroups setup for a container. Key is cgroup subsystem name
+	// with the value as the path.
+	CgroupPaths map[string]string `json:"cgroupPaths"`
+
 	// PersistVersion indicates current storage api version.
 	// It's also known as ABI version of kata-runtime.
 	// Note: it won't be written to disk