From 4126968bf9dbd354b06e0e9afbdb9afbc1ffe374 Mon Sep 17 00:00:00 2001 From: Julio Montes Date: Mon, 9 Dec 2019 16:22:16 +0000 Subject: [PATCH] virtcontainers: save CgroupPaths and Cgroups in sandbox `CgroupPaths` is a map that saves the cgroup type and path that were used for the sandbox to create the cgroups `Cgroups` contains information about sandbox's cgroups and its constraints. Both variables can be used to create a cgroup configuration needed to manipulate cgroups in the host. currently kata uses `containerd/cgroups` and `libcontainer` to create cgroups. `CgroupPaths` will replace to `CgroupPath` once kata uses *only* `libcontainer` Signed-off-by: Julio Montes
---
 virtcontainers/persist.go | 4 ++++ virtcontainers/persist/api/config.go | 5 +++++ virtcontainers/persist/api/sandbox.go | 4 ++++ virtcontainers/sandbox.go | 5 +++++ virtcontainers/types/sandbox.go | 4 ++++ 5 files changed, 22 insertions(+)
diff --git a/virtcontainers/persist.go b/virtcontainers/persist.go
index e9475a33ae..f964fac02e 100644
--- a/virtcontainers/persist.go
+++ b/virtcontainers/persist.go
@@ -37,6 +37,7 @@ func (s *Sandbox) dumpState(ss *persistapi.SandboxState, cs map[string]persistap
 ss.GuestMemoryHotplugProbe = s.state.GuestMemoryHotplugProbe
 ss.State = string(s.state.State)
 ss.CgroupPath = s.state.CgroupPath
+ ss.CgroupPaths = s.state.CgroupPaths
 for id, cont := range s.containers {
 state := persistapi.ContainerState{}
@@ -198,6 +199,7 @@ func (s *Sandbox) dumpConfig(ss *persistapi.SandboxState) {
 SystemdCgroup: sconfig.SystemdCgroup,
 SandboxCgroupOnly: sconfig.SandboxCgroupOnly,
 DisableGuestSeccomp: sconfig.DisableGuestSeccomp,
+ Cgroups: sconfig.Cgroups,
 }
 for _, e := range sconfig.Experimental {
@@ -317,6 +319,7 @@ func (s *Sandbox) loadState(ss persistapi.SandboxState) {
 s.state.BlockIndex = ss.HypervisorState.BlockIndex
 s.state.State = types.StateString(ss.State)
 s.state.CgroupPath = ss.CgroupPath
+ s.state.CgroupPaths = ss.CgroupPaths
 s.state.GuestMemoryHotplugProbe = ss.GuestMemoryHotplugProbe
 }
@@ -480,6 +483,7 @@ func loadSandboxConfig(id string) (*SandboxConfig, error) {
 SystemdCgroup: savedConf.SystemdCgroup,
 SandboxCgroupOnly: savedConf.SandboxCgroupOnly,
 DisableGuestSeccomp: savedConf.DisableGuestSeccomp,
+ Cgroups: savedConf.Cgroups,
 }
 for _, name := range savedConf.Experimental {
diff --git a/virtcontainers/persist/api/config.go b/virtcontainers/persist/api/config.go
index 6b2143e47b..50e51d9b67 100644
--- a/virtcontainers/persist/api/config.go
+++ b/virtcontainers/persist/api/config.go
@@ -7,6 +7,7 @@
 package persistapi
 import (
+ "github.com/opencontainers/runc/libcontainer/configs"
 specs "github.com/opencontainers/runtime-spec/specs-go"
 )
@@ -247,4 +248,8 @@ type SandboxConfig struct {
 // a specific field
 ContainerConfigs []ContainerConfig
+
+ // Cgroups specifies specific cgroup settings for the various subsystems that the container is
+ // placed into to limit the resources the container has available
+ Cgroups *configs.Cgroup `json:"cgroups"`
 }
diff --git a/virtcontainers/persist/api/sandbox.go b/virtcontainers/persist/api/sandbox.go
index 65b8df3656..8255f8b2a3 100644
--- a/virtcontainers/persist/api/sandbox.go
+++ b/virtcontainers/persist/api/sandbox.go
@@ -40,6 +40,10 @@ type SandboxState struct {
 // FIXME: sandbox can reuse "SandboxContainer"'s CgroupPath so we can remove this field.
 CgroupPath string
+ // CgroupPath is the cgroup hierarchy where sandbox's processes
+ // including the hypervisor are placed.
+ CgroupPaths map[string]string
+
 // Devices plugged to sandbox(hypervisor)
 Devices []DeviceState
diff --git a/virtcontainers/sandbox.go b/virtcontainers/sandbox.go
index 46b9ea9c0d..4fd50bb557 100644
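Review bot: `s.state.CgroupPaths = ss.CgroupPaths` in loadState accepts whatever the persisted state holds, and state written before this commit has no such field, so the map is nil after a restore. Reads from a nil map are fine, but any later `s.state.CgroupPaths[subsystem] = path` (not visible in this patch) would panic; `if s.state.CgroupPaths == nil { s.state.CgroupPaths = map[string]string{} }` after the assignment avoids that. `Cgroups: savedConf.Cgroups` in the loadSandboxConfig hunk has the same nil case for configs saved by an older runtime. Since the commit message says both values are meant to build the configuration used to manipulate cgroups on the host, the code that consumes them should also confirm that a path restored from disk still lies under the sandbox's expected cgroup parent before acting on it. loadState's body starts outside the hunk.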
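Review bot: `Cgroups *configs.Cgroup` stores a libcontainer struct directly in the persist API, so the on-disk sandbox config now follows whatever shape the vendored runc gives `configs.Cgroup`, and a runc update can change the stored format without any change in this package. A persistapi-owned struct holding only the fields kata needs, converted in dumpConfig and loadSandboxConfig, would keep the format under this package's control. The comment also speaks of "the container" although the field sits in SandboxConfig; something like `// Cgroups holds the sandbox's cgroup settings and resource constraints.` would match what is stored. The same field and comment are added to SandboxConfig in virtcontainers/sandbox.go.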
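Review bot: The comment above the new `CgroupPaths` field in persistapi.SandboxState is a copy of the one that documents `CgroupPath`: it names the wrong field and describes a single hierarchy, while the field is a `map[string]string`. Suggest `// CgroupPaths maps each cgroup subsystem name to the path set up for the sandbox.`, which agrees with the wording this commit uses in virtcontainers/types/sandbox.go. As written, the two adjacent fields carry near-identical descriptions and a reader cannot tell which one later code should rely on.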
--- a/virtcontainers/sandbox.go
+++ b/virtcontainers/sandbox.go
@@ -19,6 +19,7 @@ import (
 "github.com/containerd/cgroups"
 "github.com/containernetworking/plugins/pkg/ns"
+ "github.com/opencontainers/runc/libcontainer/configs"
 specs "github.com/opencontainers/runtime-spec/specs-go"
 opentracing "github.com/opentracing/opentracing-go"
 "github.com/pkg/errors"
@@ -124,6 +125,10 @@ type SandboxConfig struct {
 // Experimental features enabled
 Experimental []exp.Feature
+
+ // Cgroups specifies specific cgroup settings for the various subsystems that the container is
+ // placed into to limit the resources the container has available
+ Cgroups *configs.Cgroup `json:"cgroups"`
 }
 func (s *Sandbox) trace(name string) (opentracing.Span, context.Context) {
diff --git a/virtcontainers/types/sandbox.go b/virtcontainers/types/sandbox.go
index 3938ed57ba..a0d766be7f 100644
--- a/virtcontainers/types/sandbox.go
+++ b/virtcontainers/types/sandbox.go
@@ -52,6 +52,10 @@ type SandboxState struct {
 // including the hypervisor are placed.
 CgroupPath string `json:"cgroupPath,omitempty"`
+ // Path to all the cgroups setup for a container. Key is cgroup subsystem name
+ // with the value as the path.
+ CgroupPaths map[string]string `json:"cgroupPaths"`
+
 // PersistVersion indicates current storage api version.
 // It's also known as ABI version of kata-runtime.
 // Note: it won't be written to disk
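Review bot: In types.SandboxState the new `CgroupPaths` field is tagged `json:"cgroupPaths"` while the neighbouring `CgroupPath` uses `json:"cgroupPath,omitempty"`, so an unset map is serialized as `"cgroupPaths":null` where the older field is simply omitted. `json:"cgroupPaths,omitempty"` would keep the two consistent and keep the new key out of state that has no per-subsystem paths. The comment says the cgroups are set up "for a container", but the field lives in SandboxState; `// CgroupPaths maps each cgroup subsystem name to the path set up for the sandbox.` would say what is stored.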