runtime-rs: load the cgroup path correctly

When the sandbox api was enabled, the pause container would be removed and sandbox start api only pass an empty bundle directory, which means there's no oci spec file under it, thus the cgroup config couldn't get the cgroup path from pause container's oci spec. So we should set a default cgroup path for sandbox api case. In the future, we can promote containerd to pass the cgroup path during the sandbox start phase. Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
2025-08-30 14:25:43 +00:00 · 2025-01-24 18:55:50 +08:00 · 2025-01-24 18:55:50 +08:00 · 9492c45d06
commit 9492c45d06
parent 78b96a6e2e
1 changed files with 16 additions and 14 deletions
--- a/src/runtime-rs/crates/resource/src/cgroups/mod.rs
+++ b/src/runtime-rs/crates/resource/src/cgroups/mod.rs
@ -29,6 +29,7 @@ use tokio::sync::RwLock;
 use crate::ResourceUpdateOp;

 const OS_ERROR_NO_SUCH_PROCESS: i32 = 3;
+const SANDBOXED_CGROUP_PATH: &str = "kata_sandboxed_pod";

 pub struct CgroupArgs {
    pub sid: String,
@ -44,20 +45,21 @@ pub struct CgroupConfig {
 impl CgroupConfig {
    fn new(sid: &str, toml_config: &TomlConfig) -> Result<Self> {
        let overhead_path = utils::gen_overhead_path(sid);
-        let spec = load_oci_spec()?;
-        let path = spec
-            .linux()
-            .clone()
-            .and_then(|linux| linux.cgroups_path().clone())
-            .map(|path| {
-                // The trim of '/' is important, because cgroup_path is a relative path.
-                path.display()
-                    .to_string()
-                    .trim_start_matches('/')
-                    .to_string()
-            })
-            .unwrap_or_default();
-
+        let path = if let Ok(spec) = load_oci_spec() {
+            spec.linux()
+                .clone()
+                .and_then(|linux| linux.cgroups_path().clone())
+                .map(|path| {
+                    // The trim of '/' is important, because cgroup_path is a relative path.
+                    path.display()
+                        .to_string()
+                        .trim_start_matches('/')
+                        .to_string()
+                })
+                .unwrap_or_default()
+        } else {
+            format!("{}/{}", SANDBOXED_CGROUP_PATH, sid)
+        };
        Ok(Self {
            path,
            overhead_path,