mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-08-11 12:52:23 +00:00
sandbox: combine sandbox cgroup functions
Simplify the tests and the code by combining the create and join functions into a single function. Signed-off-by: Eric Ernst <eric.ernst@intel.com>
This commit is contained in:
parent
9fc7246e8a
commit
b62814a6f0
@ -77,13 +77,8 @@ func createSandboxFromConfig(ctx context.Context, sandboxConfig SandboxConfig, f
|
|||||||
|
|
||||||
// Move runtime to sandbox cgroup so all process are created there.
|
// Move runtime to sandbox cgroup so all process are created there.
|
||||||
if s.config.SandboxCgroupOnly {
|
if s.config.SandboxCgroupOnly {
|
||||||
if err := s.setupSandboxCgroupOnly(); err != nil {
|
if err := s.setupSandboxCgroup(); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
||||||
}
|
|
||||||
if err := s.joinSandboxCgroup(); err != nil {
|
|
||||||
return nil, err
|
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2080,28 +2080,31 @@ func (s *Sandbox) cpuResources() *specs.LinuxCPU {
|
|||||||
return validCPUResources(cpu)
|
return validCPUResources(cpu)
|
||||||
}
|
}
|
||||||
|
|
||||||
// setupSandboxCgroup creates sandbox cgroups for the sandbox config
|
// setupSandboxCgroup creates and joins sandbox cgroups for the sandbox config
|
||||||
func (s *Sandbox) setupSandboxCgroupOnly() error {
|
func (s *Sandbox) setupSandboxCgroup() error {
|
||||||
var PodSandboxConfig *ContainerConfig
|
var podSandboxConfig *ContainerConfig
|
||||||
|
|
||||||
if s.config == nil {
|
if s.config == nil {
|
||||||
return fmt.Errorf("Sandbox config is nil")
|
return fmt.Errorf("Sandbox config is nil")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// get the container associated with the PodSandbox annotation. In Kubernetes, this
|
||||||
|
// represents the pause container. In Docker, this is the container. We derive the
|
||||||
|
// cgroup path from this container.
|
||||||
for _, cConfig := range s.config.Containers {
|
for _, cConfig := range s.config.Containers {
|
||||||
if cConfig.Annotations[annotations.ContainerTypeKey] == string(PodSandbox) {
|
if cConfig.Annotations[annotations.ContainerTypeKey] == string(PodSandbox) {
|
||||||
PodSandboxConfig = &cConfig
|
podSandboxConfig = &cConfig
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if PodSandboxConfig == nil {
|
if podSandboxConfig == nil {
|
||||||
return fmt.Errorf("Failed to find cgroup path for Sandbox: Container of type '%s' not found", PodSandbox)
|
return fmt.Errorf("Failed to find cgroup path for sandbox: Container of type '%s' not found", PodSandbox)
|
||||||
}
|
}
|
||||||
|
|
||||||
configJSON, ok := PodSandboxConfig.Annotations[annotations.ConfigJSONKey]
|
configJSON, ok := podSandboxConfig.Annotations[annotations.ConfigJSONKey]
|
||||||
if !ok {
|
if !ok {
|
||||||
return fmt.Errorf("Could not find json config in annotations for container '%s'", PodSandboxConfig.ID)
|
return fmt.Errorf("Could not find json config in annotations for container '%s'", podSandboxConfig.ID)
|
||||||
}
|
}
|
||||||
|
|
||||||
var spec specs.Spec
|
var spec specs.Spec
|
||||||
@ -2110,41 +2113,25 @@ func (s *Sandbox) setupSandboxCgroupOnly() error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if spec.Linux == nil {
|
if spec.Linux == nil {
|
||||||
// Cgroup path is optional, just skip the setup
|
// Cgroup path is optional, though expected. If not defined, skip the setup
|
||||||
|
s.Logger().WithField("sandboxid", podSandboxConfig.ID).Warning("no cgroup path provided for pod sandbox, not creating sandbox cgroup")
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
validContainerCgroup := utils.ValidCgroupPath(spec.Linux.CgroupsPath)
|
validContainerCgroup := utils.ValidCgroupPath(spec.Linux.CgroupsPath)
|
||||||
|
|
||||||
// Use the parent cgroup of the container sandbox as the sandbox cgroup
|
// Create a Kata sandbox cgroup with the cgroup of the sandbox container as the parent
|
||||||
|
s.state.CgroupPath = filepath.Join(filepath.Dir(validContainerCgroup), cgroupKataPrefix+"_"+podSandboxConfig.ID)
|
||||||
s.state.CgroupPath = filepath.Join(filepath.Dir(validContainerCgroup), cgroupKataPrefix+"_"+PodSandboxConfig.ID)
|
cgroup, err := cgroupsNewFunc(cgroups.V1, cgroups.StaticPath(s.state.CgroupPath), &specs.LinuxResources{})
|
||||||
_, err := cgroupsNewFunc(cgroups.V1, cgroups.StaticPath(s.state.CgroupPath), &specs.LinuxResources{})
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("Could not create sandbox cgroup in %v: %v", s.state.CgroupPath, err)
|
return fmt.Errorf("Could not create sandbox cgroup in %v: %v", s.state.CgroupPath, err)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
// Add the runtime to the Kata sandbox cgroup
|
||||||
}
|
|
||||||
|
|
||||||
// joinSandboxCgroup adds the runtime PID to the sandbox defined in sandboxes' CgroupPath
|
|
||||||
func (s *Sandbox) joinSandboxCgroup() error {
|
|
||||||
|
|
||||||
if s.state.CgroupPath == "" {
|
|
||||||
// This is an optional value
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
cgroup, err := cgroupsLoadFunc(cgroups.V1, cgroups.StaticPath(s.state.CgroupPath))
|
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("Could not load sandbox cgroup in %v: %v", s.state.CgroupPath, err)
|
|
||||||
}
|
|
||||||
|
|
||||||
s.Logger().WithField("cgroup:", s.state.CgroupPath).Debug("joining to sandbox cgroup")
|
|
||||||
runtimePid := os.Getpid()
|
runtimePid := os.Getpid()
|
||||||
|
|
||||||
if err := cgroup.Add(cgroups.Process{Pid: runtimePid}); err != nil {
|
if err := cgroup.Add(cgroups.Process{Pid: runtimePid}); err != nil {
|
||||||
return fmt.Errorf("Could not add runtime PID %d to sandbox cgroup: %v", runtimePid, err)
|
return fmt.Errorf("Could not add runtime PID %d to sandbox cgroup: %v", runtimePid, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -1474,6 +1474,7 @@ func TestSandboxExperimentalFeature(t *testing.T) {
|
|||||||
assert.True(t, sconfig.valid())
|
assert.True(t, sconfig.valid())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
func TestSandbox_joinSandboxCgroup(t *testing.T) {
|
func TestSandbox_joinSandboxCgroup(t *testing.T) {
|
||||||
|
|
||||||
mockValidCgroup := &Sandbox{}
|
mockValidCgroup := &Sandbox{}
|
||||||
@ -1495,8 +1496,9 @@ func TestSandbox_joinSandboxCgroup(t *testing.T) {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
func TestSandbox_SetupSandboxCgroupOnly(t *testing.T) {
|
func TestSandbox_SetupSandboxCgroup(t *testing.T) {
|
||||||
sandboxContainer := ContainerConfig{}
|
sandboxContainer := ContainerConfig{}
|
||||||
sandboxContainer.Annotations = make(map[string]string)
|
sandboxContainer.Annotations = make(map[string]string)
|
||||||
sandboxContainer.Annotations[annotations.ContainerTypeKey] = string(PodSandbox)
|
sandboxContainer.Annotations[annotations.ContainerTypeKey] = string(PodSandbox)
|
||||||
@ -1561,7 +1563,7 @@ func TestSandbox_SetupSandboxCgroupOnly(t *testing.T) {
|
|||||||
}
|
}
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
if err := tt.s.setupSandboxCgroupOnly(); (err != nil) != tt.wantErr {
|
if err := tt.s.setupSandboxCgroup(); (err != nil) != tt.wantErr {
|
||||||
t.Errorf("Sandbox.SetupSandboxCgroupOnly() error = %v, wantErr %v", err, tt.wantErr)
|
t.Errorf("Sandbox.SetupSandboxCgroupOnly() error = %v, wantErr %v", err, tt.wantErr)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
Loading…
Reference in New Issue
Block a user