cgroup stanza a proposal

Steve Langasek steve.langasek at canonical.com
Thu Nov 21 20:26:19 UTC 2013 

Hi Stéphane,

On Wed, Nov 20, 2013 at 02:23:59PM -0500, Stéphane Graber wrote:
> This morning at vUDS we discussed adding support for cgroups in Upstart.
> 
> Before I go into details about the proposed stanza and overall
> behaviour, I'd begin by saying that contrary to some other init systems,
> our intent is solely related to resource controls which is the main goal
> of cgroups. Process grouping and tracking will remain unaffected by the
> addition of cgroup support.
> 
> Cgroup support will be implemented by adding a new "cgroup" stanza which
> will control the application of cgroup based restrictions to the job.
> The limits will be applied to any of the scripts
> (pre-start/post-start/job/pre-stop/post-stob) similar to what's done
> with setuid/setgid/apparmor stanzas.
> 
> Now my recommended format for the stanza, which I believe should be
> flexible enough is:
>  cgroup <controller> <cgroup name|auto> [<key> <value>]
> 
> 
> Detail on the fields:
> == controller ==
> Name for one of the cgroup controller
> 
> Currently the valid values are (but won't be hardcoded into upstart):
>  - blkio
>  - cpu
>  - cpuacct
>  - cpuset
>  - devices
>  - freezer
>  - hugetlb
>  - memory
>  - perf_event
> 
> == cgroup-name|$auto ==
> Name of the cgroup to use (and create if non-existing)
> 
> The name may contain a / (e.g. "db/pgsql" or "db/$auto") indicating that
> it's requesting a sub-cgroup.
> 
> "$auto" is the recommended name and will have upstart generate a name
> based on the job instance name.
> 
> The main use of that field is for cases where a set of jobs should share
> limits, in such case the main job should declare the various values and
> the others just refer to the cgroup by name but not defined values.
> 
> The name may be different for the various controllers but may not differ
> within the same controller. Example:
> valid =>    cgroup memory group1 limit_in_bytes 52428800
>             cgroup cpuset group2 cpus 0-1
> 
> invalid =>  cgroup memory group1 limit_in_bytes 52428800
>             cgroup memory group1 soft_limit_in_bytes 1024
> 
> == key ==
> The cgroup control file minus the controller name, so for example
> memory.soft_limit_in_bytes will become limit_in_bytes.

FWIW, typo here as well, this should of course be 'soft_limit_in_bytes' in
both cases.

> == value ==
> Any value valid for the given control file, upstart itself won't perform
> any validation.

> If the value contains spaces, it should be put between double-quotes (e.g.):
> cgroup devices auto allow "c 1:2 rwm"


> Upstart won't have any controller aware logic in its code, instead,
> it'll simply talk over dbus (using a private dbus socket) to the cgroup
> manager which will take care of applying the various limits.
> That cgroup manager will be started very early in the boot sequence. Any
> job containing a cgroup stanza will be held until the manager is
> started.

> The cgroup will be destroyed when a job is stopped and the cgroup isn't
> shared with another job (task count is 0 and it has no child cgroup).

Is upstart responsible for destroying the cgroup, or is this done by the
cgroup manager?

> All of the above is also meant to apply to user sessions. The cgroup
> manager will allow unprivileged cgroup configuration, so as long as the
> user has write access to a sub-section of a controller, it'll be allowed
> to write entries there. Similarly to other restriction stanzas, failure
> to apply a cgroup limit in a user session won't be fatal.

Seems to leave open the question of how users are given access to the
subsection.  From what we discussed in the UDS session, I believe we expect
logind to set this up for us, correct?

Also, the implicit corollary to "cgroup limit failures in a user session
aren't fatal" is that, in a system job, they *are* fatal.  I know you know
this, but it should be documented explicitly. :)

Do you intend this writeup to live under http://upstart.ubuntu.com/wiki/ for
reference?

Thanks,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek at ubuntu.com                                     vorlon at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/upstart-devel/attachments/20131121/518d41f7/attachment.pgp>

More information about the upstart-devel mailing list