You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At present we call into the containerd/cgroups module to use its cgroups manager code. This code is less actively developed than opencontainers/runc/libcontainer/cgroups, and lacks functionality which would ease us:
Supporting the unified spec key for resource limit definitions.
Note that though runc/libcontainer is considered to be mostly 'internal' code, and not for public consumption, the cgroups portions are the exception. These are used by kubernetes, podman, etc. and will stay public as described in opencontainers/runc#3028
I believe that converting from containerd/cgroups to opencontainers/runc/libcontainer/cgroups should be a step taken before pursuing #299 and #300. To accomplish particularly #300 with containerd/cgroups is not trivial. There is no user systemd manager related code in the module, so we would need to perform dbus comms with systemd to establish an initial user slice/scope ourselves. The libcontainer code already includes what we need: https://github.com/opencontainers/runc/blob/master/libcontainer/cgroups/systemd/user.go
Note that our cgroups spec format mirrors LinuxResources from opencontainers/runtime-spec/specs-go and there is translation code to the runc internal config format in runc, which we can use as a starting point:
Type of issue
technical debt
Description of issue
At present we call into the
containerd/cgroups
module to use its cgroups manager code. This code is less actively developed thanopencontainers/runc/libcontainer/cgroups
, and lacks functionality which would ease us:unified
spec key for resource limit definitions.systemd
cgroups manager with a well-documented mapping of LinuxResources -> systemd unit annotations (https://github.com/opencontainers/runc/blob/master/docs/systemd.md)Note that though
runc/libcontainer
is considered to be mostly 'internal' code, and not for public consumption, the cgroups portions are the exception. These are used by kubernetes, podman, etc. and will stay public as described in opencontainers/runc#3028I believe that converting from
containerd/cgroups
toopencontainers/runc/libcontainer/cgroups
should be a step taken before pursuing #299 and #300. To accomplish particularly #300 withcontainerd/cgroups
is not trivial. There is no user systemd manager related code in the module, so we would need to perform dbus comms with systemd to establish an initial user slice/scope ourselves. The libcontainer code already includes what we need: https://github.com/opencontainers/runc/blob/master/libcontainer/cgroups/systemd/user.goNote that our cgroups spec format mirrors LinuxResources from
opencontainers/runtime-spec/specs-go
and there is translation code to the runc internal config format in runc, which we can use as a starting point:https://github.com/opencontainers/runc/blob/5fb9b2a006725d468381de8d300bb9baecc726f7/update.go#L137
The text was updated successfully, but these errors were encountered: