cgroups configs review

Serge Hallyn serge.hallyn at canonical.com
Fri Jun 22 12:53:19 UTC 2012 

Quoting Bryan Wu (bryan.wu at canonical.com):
> Hi Serge and Stefan,
> 
> I've been reviewing cgroups configs for a while and help to sync ARM
> cgroups configs with x86.
> So right now in our Ubuntu kernel master-next branch, cgroups configs
> should be all enabled for LXC usage:
> --
> ubuntu/quantal.git$ grep -r CGROUP debian.master/config/
> debian.master/config/config.common.ubuntu:CONFIG_BLK_CGROUP=y
> debian.master/config/config.common.ubuntu:CONFIG_CGROUPS=y
> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_CPUACCT=y
> 
> This is for debugging
> debian.master/config/config.common.ubuntu:# CONFIG_CGROUP_DEBUG is not set
> 
> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_DEVICE=y
> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_FREEZER=y
> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_MEM_RES_CTLR=y
> 
> This one is experimental
> debian.master/config/config.common.ubuntu:#
> CONFIG_CGROUP_MEM_RES_CTLR_KMEM is not set

Thanks for reviewing these, Bryan.

I'm fine with CONFIG_CGROUP_MEM_RES_CTLR_KMEM not being set for
now.  If/when at some point it becomes harder for containers to affect
the host in other ways, then DOS through kernel memory hog might be
worth worrying about, but not just yet.

> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_MEM_RES_CTLR_SWAP=y
> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_MEM_RES_CTLR_SWAP_ENABLED=y
> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_PERF=y
> debian.master/config/config.common.ubuntu:CONFIG_CGROUP_SCHED=y
> 
> This is for debugging
> debian.master/config/config.common.ubuntu:# CONFIG_DEBUG_BLK_CGROUP is not set
> 
> These 2 are for networking cgroups, I'm not sure whether we need
> built-in these 2 in kernel.
> debian.master/config/config.common.ubuntu:CONFIG_NETPRIO_CGROUP=m
> debian.master/config/config.common.ubuntu:CONFIG_NET_CLS_CGROUP=m

What would be the advantage of having these built-in?  AFAIK a module
is fine, but maybe I'm overlooking something.

> --
> 
> And for ti-omap4 branch we got the same CGROUPS configs as master now.
> 
> Thanks,
> -- 
> Bryan Wu <bryan.wu at canonical.com>
> Kernel Developer    +86.186-168-78255 Mobile
> Canonical Ltd.      www.canonical.com
> Ubuntu - Linux for human beings | www.ubuntu.com

More information about the kernel-team mailing list