[vUDS blueprint 13.10] libcgroup

Serge Hallyn serge.hallyn at ubuntu.com
Wed May 1 19:35:04 UTC 2013 

(resend from subscribed address)

This email is a proposal for discussion about work on the libcgroup
package during the 13.10 cycle.

libcgroup is a package which provides:
   a. Flexible boot-time setup of cgroups
   b. Command line tools to configure and use cgroups
   c. A deamon to auto-reclassify tasks into cgroups

There were two important bugs in libcgroup:
   1. Cgroup setup was done too late, after some daemons had
      started.  This was solvable.  However there was an attitude that
      it could simply reclassify daemons which had already started.
      It couldn't do that right.
   2. Auto-reclassifying tasks into cgroups cannot be done
      correctly with current kernel support

Because properly mounted cgroups are crucial to libvirt and lxc, we
temporarily worked around this by introducing cgroup-lite, which
introduces tiny, inflexible upstart jobs to mount cgroups.  This was
meant as a temporary step until libcgroup could be improved.

In the meantime, a few things have happened
   1. libcgroup functionality is being moved into systemd.
   2. libcgroup has dropped its faulty startup scripts so that it be
      installed alongside cgroup-lite
   3. Upstream kernel cgroup maintainer wants userspace to stop dealing
      with cgroupfs, and use a new (not yet designed) library instead

In the medium term we wanted to
   1. Write sysvinit scripts to mirror the cgroup-lite upstart jobs, and
      provide them together in libcgroup.
   2. Support some flexible boot-time cgroup setup.  This is especially
      required so that users can be confined by memory cgroup in the face
      of unprivileged user namespace cloning.

That way cgroup-lite could then be replaced by libcgroup again.

We should also begin working with wider communities on designing the
cgroup library interface to be used above cgroupfs.  This design should
account for clean nesting in containers, so that the library running in
a container can forward requests (i.e. cgroup creation and
configuration) to the library on the host.

	https://lkml.org/lkml/2013/4/5/535
	https://lkml.org/lkml/2013/4/9/651

More information about the ubuntu-server mailing list