cgroups configs review

Bryan Wu bryan.wu at canonical.com
Fri Jun 22 15:49:26 UTC 2012 

On Fri, Jun 22, 2012 at 8:53 PM, Serge Hallyn
<serge.hallyn at canonical.com> wrote:
> Quoting Bryan Wu (bryan.wu at canonical.com):
>> Hi Serge and Stefan,
>>
>> I've been reviewing cgroups configs for a while and help to sync ARM
>> cgroups configs with x86.
>> So right now in our Ubuntu kernel master-next branch, cgroups configs
>> should be all enabled for LXC usage:
>> --
>> ubuntu/quantal.git$ grep -r CGROUP debian.master/config/
>> debian.master/config/config.common.ubuntu:CONFIG_BLK_CGROUP=y
>> debian.master/config/config.common.ubuntu:CONFIG_CGROUPS=y
>> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_CPUACCT=y
>>
>> This is for debugging
>> debian.master/config/config.common.ubuntu:# CONFIG_CGROUP_DEBUG is not set
>>
>> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_DEVICE=y
>> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_FREEZER=y
>> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_MEM_RES_CTLR=y
>>
>> This one is experimental
>> debian.master/config/config.common.ubuntu:#
>> CONFIG_CGROUP_MEM_RES_CTLR_KMEM is not set
>
> Thanks for reviewing these, Bryan.
>
> I'm fine with CONFIG_CGROUP_MEM_RES_CTLR_KMEM not being set for
> now.  If/when at some point it becomes harder for containers to affect
> the host in other ways, then DOS through kernel memory hog might be
> worth worrying about, but not just yet.
>

OK, no problem, I will keep eyes on this.

>> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_MEM_RES_CTLR_SWAP=y
>> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_MEM_RES_CTLR_SWAP_ENABLED=y
>> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_PERF=y
>> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_SCHED=y
>>
>> This is for debugging
>> debian.master/config/config.common.ubuntu:# CONFIG_DEBUG_BLK_CGROUP is not set
>>
>> These 2 are for networking cgroups, I'm not sure whether we need
>> built-in these 2 in kernel.
>> debian.master/config/config.common.ubuntu:CONFIG_NETPRIO_CGROUP=m
>> debian.master/config/config.common.ubuntu:CONFIG_NET_CLS_CGROUP=m
>
> What would be the advantage of having these built-in?  AFAIK a module
> is fine, but maybe I'm overlooking something.
>

Looks like LXC doesn't need to built-in these 2 modules, so it's
better to keep them as modules.

Thanks,
-Bryan

>> --
>>
>> And for ti-omap4 branch we got the same CGROUPS configs as master now.
>>
>> Thanks,
>> --
>> Bryan Wu <bryan.wu at canonical.com>
>> Kernel Developer    +86.186-168-78255 Mobile
>> Canonical Ltd.      www.canonical.com
>> Ubuntu - Linux for human beings | www.ubuntu.com



-- 
Bryan Wu <bryan.wu at canonical.com>
Kernel Developer    +86.186-168-78255 Mobile
Canonical Ltd.      www.canonical.com
Ubuntu - Linux for human beings | www.ubuntu.com

More information about the kernel-team mailing list