From e1596f7abf7991a76a78fe96de055cb2a422e06d Mon Sep 17 00:00:00 2001 From: Zvonko Kaiser Date: Thu, 23 Jan 2025 03:53:32 +0000 Subject: [PATCH 1/3] agent: Add option to parse cgroup_no_v1 For AGENT_INIT=yes we do not run systemd and hence systemd.unified_... does not mean anything to other init systems. Providing cgroup_no_v1=all is enough to signal other init systemd to use cgroupV2. Signed-off-by: Zvonko Kaiser --- src/agent/src/config.rs | 12 ++++++++++++ src/agent/src/main.rs | 3 ++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/src/agent/src/config.rs b/src/agent/src/config.rs index 2858a570b8..5203fcedf0 100644 --- a/src/agent/src/config.rs +++ b/src/agent/src/config.rs @@ -26,6 +26,7 @@ const CDH_API_TIMOUT_OPTION: &str = "agent.cdh_api_timeout"; const DEBUG_CONSOLE_VPORT_OPTION: &str = "agent.debug_console_vport"; const LOG_VPORT_OPTION: &str = "agent.log_vport"; const CONTAINER_PIPE_SIZE_OPTION: &str = "agent.container_pipe_size"; +const CGROUP_NO_V1: &str = "cgroup_no_v1"; const UNIFIED_CGROUP_HIERARCHY_OPTION: &str = "systemd.unified_cgroup_hierarchy"; const CONFIG_FILE: &str = "agent.config_file"; const GUEST_COMPONENTS_REST_API_OPTION: &str = "agent.guest_components_rest_api"; @@ -136,6 +137,7 @@ pub struct AgentConfig { pub container_pipe_size: i32, pub server_addr: String, pub passfd_listener_port: i32, + pub cgroup_no_v1: String, pub unified_cgroup_hierarchy: bool, pub tracing: bool, pub supports_seccomp: bool, @@ -271,6 +273,7 @@ impl Default for AgentConfig { container_pipe_size: DEFAULT_CONTAINER_PIPE_SIZE, server_addr: format!("{}:{}", VSOCK_ADDR, DEFAULT_AGENT_VSOCK_PORT), passfd_listener_port: 0, + cgroup_no_v1: String::from(""), unified_cgroup_hierarchy: false, tracing: false, supports_seccomp: rpc::have_seccomp(), @@ -514,6 +517,13 @@ impl AgentConfig { config.container_pipe_size, get_container_pipe_size ); + parse_cmdline_param!( + param, + CGROUP_NO_V1, + config.cgroup_no_v1, + get_string_value, + | no_v1 | no_v1 == "all" + ); parse_cmdline_param!( param, UNIFIED_CGROUP_HIERARCHY_OPTION, @@ -898,6 +908,7 @@ mod tests { hotplug_timeout: time::Duration, container_pipe_size: i32, server_addr: &'a str, + cgroup_no_v1: &'a str, unified_cgroup_hierarchy: bool, tracing: bool, https_proxy: &'a str, @@ -927,6 +938,7 @@ mod tests { hotplug_timeout: DEFAULT_HOTPLUG_TIMEOUT, container_pipe_size: DEFAULT_CONTAINER_PIPE_SIZE, server_addr: TEST_SERVER_ADDR, + cgroup_no_v1: "", unified_cgroup_hierarchy: false, tracing: false, https_proxy: "", diff --git a/src/agent/src/main.rs b/src/agent/src/main.rs index c4df5f4aec..f8a1a24da2 100644 --- a/src/agent/src/main.rs +++ b/src/agent/src/main.rs @@ -228,8 +228,9 @@ async fn real_main(init_mode: bool) -> std::result::Result<(), Box Date: Thu, 23 Jan 2025 17:31:13 +0000 Subject: [PATCH 2/3] agent: Add tests for cgroup_no_v1 The only valid value is "all", ignore all other Signed-off-by: Zvonko Kaiser --- src/agent/src/config.rs | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/agent/src/config.rs b/src/agent/src/config.rs index 5203fcedf0..306281512c 100644 --- a/src/agent/src/config.rs +++ b/src/agent/src/config.rs @@ -1085,6 +1085,22 @@ mod tests { dev_mode: true, ..Default::default() }, + TestData { + contents: "cgroup_no_v1=1", + cgroup_no_v1: "", + ..Default::default() + }, + TestData { + contents: "cgroup_no_v1=all", + cgroup_no_v1: "all", + ..Default::default() + }, + TestData { + contents: "cgroup_no_v1=0 systemd.unified_cgroup_hierarchy=1", + cgroup_no_v1: "", + unified_cgroup_hierarchy: true, + ..Default::default() + }, TestData { contents: "agent.devmode agent.debug_console agent.hotplug_timeout=100 systemd.unified_cgroup_hierarchy=a", debug_console: true, @@ -1520,6 +1536,7 @@ mod tests { assert_eq!(d.debug_console, config.debug_console, "{}", msg); assert_eq!(d.dev_mode, config.dev_mode, "{}", msg); + assert_eq!(d.cgroup_no_v1, config.cgroup_no_v1, "{}", msg); assert_eq!( d.unified_cgroup_hierarchy, config.unified_cgroup_hierarchy, "{}", From 9162103f8527c9a67a8a4a6d01ab13196c8d343c Mon Sep 17 00:00:00 2001 From: Zvonko Kaiser Date: Thu, 23 Jan 2025 18:48:14 +0000 Subject: [PATCH 3/3] agent: Update macro for e.g. String type stack-only types are handled properly with the parse_cmdline_param macro advancted types like String couldn't be guarded by a guard function since it passed the variable by value rather than reference. Now we can have guard functions for the String type parse_cmdline_param!( param, CGROUP_NO_V1, config.cgroup_no_v1, get_string_value, | no_v1 | no_v1 == "all" ); Signed-off-by: Zvonko Kaiser --- src/agent/src/config.rs | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/agent/src/config.rs b/src/agent/src/config.rs index 306281512c..81302c39ab 100644 --- a/src/agent/src/config.rs +++ b/src/agent/src/config.rs @@ -252,7 +252,7 @@ macro_rules! parse_cmdline_param { ($param:ident, $key:ident, $field:expr, $func:ident, $guard:expr) => { if $param.starts_with(format!("{}=", $key).as_str()) { let val = $func($param)?; - if $guard(val) { + if $guard(&val) { $field = val; } continue; @@ -477,7 +477,7 @@ impl AgentConfig { HOTPLUG_TIMOUT_OPTION, config.hotplug_timeout, get_timeout, - |hotplug_timeout: time::Duration| hotplug_timeout.as_secs() > 0 + |hotplug_timeout: &time::Duration| hotplug_timeout.as_secs() > 0 ); // ensure the timeout is a positive value @@ -486,7 +486,7 @@ impl AgentConfig { CDH_API_TIMOUT_OPTION, config.cdh_api_timeout, get_timeout, - |cdh_api_timeout: time::Duration| cdh_api_timeout.as_secs() > 0 + |cdh_api_timeout: &time::Duration| cdh_api_timeout.as_secs() > 0 ); // vsock port should be positive values @@ -495,21 +495,21 @@ impl AgentConfig { DEBUG_CONSOLE_VPORT_OPTION, config.debug_console_vport, get_number_value, - |port| port > 0 + |port: &i32| *port > 0 ); parse_cmdline_param!( param, LOG_VPORT_OPTION, config.log_vport, get_number_value, - |port| port > 0 + |port: &i32| *port > 0 ); parse_cmdline_param!( param, PASSFD_LISTENER_PORT, config.passfd_listener_port, get_number_value, - |port| port > 0 + |port: &i32| *port > 0 ); parse_cmdline_param!( param, @@ -522,7 +522,7 @@ impl AgentConfig { CGROUP_NO_V1, config.cgroup_no_v1, get_string_value, - | no_v1 | no_v1 == "all" + |no_v1| no_v1 == "all" ); parse_cmdline_param!( param, @@ -722,7 +722,7 @@ where fields[1] .parse::() - .map_err(|e| anyhow!("parse from {} failed: {:?}", &fields[1], e)) + .map_err(|e| anyhow!("parse from {} failed: {:?}", fields[1], e)) } // Map logrus (https://godoc.org/github.com/sirupsen/logrus)