diff --git a/src/agent/rustjail/src/container.rs b/src/agent/rustjail/src/container.rs
index ed69ef60d1..15b7d39cef 100644
--- a/src/agent/rustjail/src/container.rs
+++ b/src/agent/rustjail/src/container.rs
@@ -1482,12 +1482,11 @@ impl LinuxContainer {
 } else {
 linux.cgroups_path.clone()
 }
+ } else if linux.cgroups_path.is_empty() {
+ format!("/{}", id.as_str())
 } else {
- if linux.cgroups_path.is_empty() {
- format!("/{}", id.as_str())
- } else {
- linux.cgroups_path.clone()
- }
+ // if we have a systemd cgroup path we need to convert it to a fs cgroup path
+ linux.cgroups_path.replace(':', "/")
 };
 let cgroup_manager: Box = if config.use_systemd_cgroup {
diff --git a/src/agent/src/main.rs b/src/agent/src/main.rs
index 2c1f41defe..d8e9fc828b 100644
--- a/src/agent/src/main.rs
+++ b/src/agent/src/main.rs
@@ -339,7 +339,7 @@ async fn start_sandbox(
 sandbox.lock().await.sender = Some(tx);
 // vsock:///dev/vsock, port
- let mut server = rpc::start(sandbox.clone(), config.server_addr.as_str())?;
+ let mut server = rpc::start(sandbox.clone(), config.server_addr.as_str(), init_mode)?;
 server.start().await?;
 rx.await?;
diff --git a/src/agent/src/rpc.rs b/src/agent/src/rpc.rs
index 0081765416..3be8fed5c8 100644
--- a/src/agent/src/rpc.rs
+++ b/src/agent/src/rpc.rs
@@ -137,6 +137,7 @@ macro_rules! is_allowed {
 #[derive(Clone, Debug)]
 pub struct AgentService {
 sandbox: Arc>,
+ init_mode: bool,
 }
 impl AgentService {
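Review bot: In the container.rs hunk the new final `else` branch applies `replace(':', "/")` to every non-empty `cgroups_path`, not only to paths in the systemd `slice:prefix:name` form, and a converted systemd path has no leading `/`, unlike the `format!("/{}", id.as_str())` branch next to it. The value appears to originate in the OCI spec sent by the host and ends up as a cgroup filesystem path, so I would convert only when the path is actually in systemd form and make the result absolute, e.g. `format!("/{}", linux.cgroups_path.replace(':', "/"))`, leaving other paths untouched. Whether the fs cgroup manager accepts a relative path is not visible here, so this may already be handled downstream; a unit test for the conversion would settle it. The enclosing `if` starts above the hunk.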
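Review bot: The new `init_mode` field on `AgentService` changes which cgroup driver is used but has no comment saying what it means, and the same applies to the new `init_mode: bool` parameter of `start()` in the later hunk of this file. I would add `/// True when the agent runs as the guest's init process; forces the fs cgroup driver even for systemd-style paths.` on the field and a matching line in a doc comment on `start()`. That wording is inferred from the comment added in the create-container hunk, so adjust it if init mode implies more than that.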
@@ -213,8 +214,13 @@ impl AgentService {
 // determine which cgroup driver to take and then assign to use_systemd_cgroup
 // systemd: "[slice]:[prefix]:[name]"
 // fs: "/path_a/path_b"
+ // If agent is init we can't use systemd cgroup mode, no matter what the host tells us
 let cgroups_path = oci.linux.as_ref().map_or("", |linux| &linux.cgroups_path);
- let use_systemd_cgroup = SYSTEMD_CGROUP_PATH_FORMAT.is_match(cgroups_path);
+ let use_systemd_cgroup = if self.init_mode {
+ false
+ } else {
+ SYSTEMD_CGROUP_PATH_FORMAT.is_match(cgroups_path)
+ };
 let opts = CreateOpts {
 cgroup_name: "".to_string(),
@@ -1679,9 +1685,11 @@ async fn read_stream(reader: Arc>>, l: usize) -> Resu
 Ok(content)
 }
-pub fn start(s: Arc>, server_address: &str) -> Result {
- let agent_service =
- Box::new(AgentService { sandbox: s }) as Box;
+pub fn start(s: Arc>, server_address: &str, init_mode: bool) -> Result {
+ let agent_service = Box::new(AgentService {
+ sandbox: s,
+ init_mode,
+ }) as Box;
 let agent_worker = Arc::new(agent_service);
@@ -2157,6 +2165,7 @@ mod tests {
 let agent_service = Box::new(AgentService {
 sandbox: Arc::new(Mutex::new(sandbox)),
+ init_mode: true,
 });
 let req = protocols::agent::UpdateInterfaceRequest::default();
@@ -2174,6 +2183,7 @@ mod tests {
 let agent_service = Box::new(AgentService {
 sandbox: Arc::new(Mutex::new(sandbox)),
+ init_mode: true,
 });
 let req = protocols::agent::UpdateRoutesRequest::default();
@@ -2191,6 +2201,7 @@ mod tests {
 let agent_service = Box::new(AgentService {
 sandbox: Arc::new(Mutex::new(sandbox)),
+ init_mode: true,
 });
 let req = protocols::agent::AddARPNeighborsRequest::default();
@@ -2324,6 +2335,7 @@ mod tests {
 let agent_service = Box::new(AgentService {
 sandbox: Arc::new(Mutex::new(sandbox)),
+ init_mode: true,
 });
 let result = agent_service
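Review bot: When `self.init_mode` is true, the hunk at -213 overrides the driver implied by the host-supplied path silently, so a systemd-form `cgroups_path` lands on the fs driver with nothing in the agent log to show it. I would emit one log line at that point when the path matches `SYSTEMD_CGROUP_PATH_FORMAT` but init mode forces the fs driver, so cgroup placement can be traced from inside the guest. The expression itself reads more directly as `let use_systemd_cgroup = !self.init_mode && SYSTEMD_CGROUP_PATH_FORMAT.is_match(cgroups_path);`. The enclosing function starts and ends outside the hunk.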
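Review bot: Every test fixture touched in this file sets `init_mode: true` (the hunks at -2157, -2174, -2191, -2324 and -2804), so nothing visible exercises `init_mode: false`, and none of these tests passes a systemd-form `cgroups_path` through the new override. A test that builds an `AgentService` with each value and checks the resulting driver choice would pin the behaviour; since `use_systemd_cgroup` is a local in the create path, it may need extracting into a small helper first. The rest of `mod tests` is outside the hunks, so coverage may exist elsewhere.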
@@ -2804,6 +2816,7 @@ OtherField:other
 let sandbox = Sandbox::new(&logger).unwrap();
 let agent_service = Box::new(AgentService {
 sandbox: Arc::new(Mutex::new(sandbox)),
+ init_mode: true,
 });
 let ctx = mk_ttrpc_context();