rustjail: fix the issue of container's cgroup root path

We should create the container's cgroup under the system's cgroup default path such as "/sys/fs/cgroup/<sub system>", instead of under the kata-agnet's process's cgroup path, which would under the systemd's cgroup such as "/sys/fs/cgroup/systemd/system.slice/kata-agent.service" Fixes: #1319 Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
2025-06-27 07:48:55 +00:00 · 2021-01-25 22:11:36 +08:00 · 2021-01-25 22:11:36 +08:00 · 448771f53d
commit 448771f53d
parent 4de21e3d95
3 changed files with 9 additions and 25 deletions
--- a/src/agent/Cargo.lock
+++ b/src/agent/Cargo.lock
@ -170,9 +170,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 [[package]]
 name = "cgroups-rs"
-version = "0.2.1"
+version = "0.2.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "348eb6d8e20a9f5247209686b7d0ffc2f4df40ddcb95f9940de55a94a655b3f5"
+checksum = "52d1133681d746cc4807ad3b8005019af9299a086f61d5ed1de0e3a2000184f2"
 dependencies = [
 "libc",
 "log",
--- a/src/agent/Cargo.toml
+++ b/src/agent/Cargo.toml
@ -46,7 +46,7 @@ tempfile = "3.1.0"
 prometheus = { version = "0.9.0", features = ["process"] }
 procfs = "0.7.9"
 anyhow = "1.0.32"
-cgroups = { package = "cgroups-rs", version = "0.2.1" }
+cgroups = { package = "cgroups-rs", version = "0.2.2" }
 [workspace]
 members = [
--- a/src/agent/rustjail/src/cgroups/fs/mod.rs
+++ b/src/agent/rustjail/src/cgroups/fs/mod.rs
@ -60,7 +60,6 @@ pub struct Manager {
    pub cpath: String,
    #[serde(skip)]
    cgroup: cgroups::Cgroup,
    relative_paths: HashMap<String, String>,
 }
 // set_resource is used to set reources by cgroup controller.
@ -946,38 +945,28 @@ pub fn get_mounts() -> Result<HashMap<String, String>> {
    Ok(m)
 }
-fn new_cgroup(
+fn new_cgroup(h: Box<dyn cgroups::Hierarchy>, path: &str) -> Cgroup {
    h: Box<dyn cgroups::Hierarchy>,
    path: &str,
    relative_paths: HashMap<String, String>,
 ) -> Cgroup {
    let valid_path = path.trim_start_matches('/').to_string();
-    cgroups::Cgroup::new_with_relative_paths(h, valid_path.as_str(), relative_paths)
+    cgroups::Cgroup::new(h, valid_path.as_str())
 }
 impl Manager {
    pub fn new(cpath: &str) -> Result<Self> {
        let mut m = HashMap::new();
        let mut relative_paths = HashMap::new();
        let paths = get_paths()?;
        let mounts = get_mounts()?;
-        for (key, value) in &paths {
+        for key in paths.keys() {
            let mnt = mounts.get(key);
            if mnt.is_none() {
                continue;
            }
-            let p = if value == "/" {
+            let p = format!("{}/{}", mnt.unwrap(), cpath);
                format!("{}/{}", mnt.unwrap(), cpath)
            } else {
                format!("{}{}/{}", mnt.unwrap(), value, cpath)
            };
            m.insert(key.to_string(), p);
            relative_paths.insert(key.to_string(), value.to_string());
        }
        Ok(Self {
@ -985,8 +974,7 @@ impl Manager {
            mounts,
            // rels: paths,
            cpath: cpath.to_string(),
-            cgroup: new_cgroup(cgroups::hierarchies::auto(), cpath, relative_paths.clone()),
+            cgroup: new_cgroup(cgroups::hierarchies::auto(), cpath),
            relative_paths,
        })
    }
@ -1031,11 +1019,7 @@ impl Manager {
                .unwrap()
                .trim_start_matches(root_path.to_str().unwrap());
            info!(sl!(), "updating cpuset for parent path {:?}", &r_path);
-            let cg = new_cgroup(
+            let cg = new_cgroup(cgroups::hierarchies::auto(), &r_path);
                cgroups::hierarchies::auto(),
                &r_path,
                self.relative_paths.clone(),
            );
            let cpuset_controller: &CpuSetController = cg.controller_of().unwrap();
            cpuset_controller.set_cpus(guest_cpuset)?;
        }