mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-07-06 12:06:49 +00:00
Merge pull request #1946 from fidencio/wip/weekly-backports-to-stable-2.1
[stable-2.1] Weekly backports to stable-2.1 branch, May 31st 2021
This commit is contained in:
Julio Montes
GitHub
commit
ff206cf6cf
@ -349,14 +349,34 @@ fn set_memory_resources(cg: &cgroups::Cgroup, memory: &LinuxMemory, update: bool
|
|||||||
mem_controller.set_kmem_limit(-1)?;
|
mem_controller.set_kmem_limit(-1)?;
|
||||||
}
|
}
|
||||||
|
|
||||||
set_resource!(mem_controller, set_limit, memory, limit);
|
// If the memory update is set to -1 we should also
|
||||||
set_resource!(mem_controller, set_soft_limit, memory, reservation);
|
// set swap to -1, it means unlimited memory.
|
||||||
set_resource!(mem_controller, set_kmem_limit, memory, kernel);
|
let mut swap = memory.swap.unwrap_or(0);
|
||||||
set_resource!(mem_controller, set_tcp_limit, memory, kernel_tcp);
|
if memory.limit == Some(-1) {
|
||||||
|
swap = -1;
|
||||||
|
}
|
||||||
|
|
||||||
if let Some(swap) = memory.swap {
|
if memory.limit.is_some() && swap != 0 {
|
||||||
// set memory swap
|
let memstat = get_memory_stats(cg)
|
||||||
let swap = if cg.v2() {
|
.into_option()
|
||||||
|
.ok_or_else(|| anyhow!("failed to get the cgroup memory stats"))?;
|
||||||
|
let memusage = memstat.get_usage();
|
||||||
|
|
||||||
|
// When update memory limit, the kernel would check the current memory limit
|
||||||
|
// set against the new swap setting, if the current memory limit is large than
|
||||||
|
// the new swap, then set limit first, otherwise the kernel would complain and
|
||||||
|
// refused to set; on the other hand, if the current memory limit is smaller than
|
||||||
|
// the new swap, then we should set the swap first and then set the memor limit.
|
||||||
|
if swap == -1 || memusage.get_limit() < swap as u64 {
|
||||||
|
mem_controller.set_memswap_limit(swap)?;
|
||||||
|
set_resource!(mem_controller, set_limit, memory, limit);
|
||||||
|
} else {
|
||||||
|
set_resource!(mem_controller, set_limit, memory, limit);
|
||||||
|
mem_controller.set_memswap_limit(swap)?;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
set_resource!(mem_controller, set_limit, memory, limit);
|
||||||
|
swap = if cg.v2() {
|
||||||
convert_memory_swap_to_v2_value(swap, memory.limit.unwrap_or(0))?
|
convert_memory_swap_to_v2_value(swap, memory.limit.unwrap_or(0))?
|
||||||
} else {
|
} else {
|
||||||
swap
|
swap
|
||||||
@ -366,6 +386,10 @@ fn set_memory_resources(cg: &cgroups::Cgroup, memory: &LinuxMemory, update: bool
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
set_resource!(mem_controller, set_soft_limit, memory, reservation);
|
||||||
|
set_resource!(mem_controller, set_kmem_limit, memory, kernel);
|
||||||
|
set_resource!(mem_controller, set_tcp_limit, memory, kernel_tcp);
|
||||||
|
|
||||||
if let Some(swappiness) = memory.swappiness {
|
if let Some(swappiness) = memory.swappiness {
|
||||||
if (0..=100).contains(&swappiness) {
|
if (0..=100).contains(&swappiness) {
|
||||||
mem_controller.set_swappiness(swappiness as u64)?;
|
mem_controller.set_swappiness(swappiness as u64)?;
|
||||||
|
|||||||
@ -248,6 +248,7 @@ fn main() -> std::result::Result<(), Box<dyn std::error::Error>> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if args.len() == 2 && args[1] == "init" {
|
if args.len() == 2 && args[1] == "init" {
|
||||||
|
reset_sigpipe();
|
||||||
rustjail::container::init_child();
|
rustjail::container::init_child();
|
||||||
exit(0);
|
exit(0);
|
||||||
}
|
}
|
||||||
@ -358,5 +359,16 @@ fn sethostname(hostname: &OsStr) -> Result<()> {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// The Rust standard library had suppressed the default SIGPIPE behavior,
|
||||||
|
// see https://github.com/rust-lang/rust/pull/13158.
|
||||||
|
// Since the parent's signal handler would be inherited by it's child process,
|
||||||
|
// thus we should re-enable the standard SIGPIPE behavior as a workaround to
|
||||||
|
// fix the issue of https://github.com/kata-containers/kata-containers/issues/1887.
|
||||||
|
fn reset_sigpipe() {
|
||||||
|
unsafe {
|
||||||
|
libc::signal(libc::SIGPIPE, libc::SIG_DFL);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
use crate::config::AgentConfig;
|
use crate::config::AgentConfig;
|
||||||
use std::os::unix::io::{FromRawFd, RawFd};
|
use std::os::unix::io::{FromRawFd, RawFd};
|
||||||
|
|||||||
@ -75,6 +75,8 @@ func (v *virtiofsd) getSocketFD() (*os.File, error) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// no longer needed since fd is a dup
|
||||||
defer listener.Close()
|
defer listener.Close()
|
||||||
|
|
||||||
listener.SetUnlinkOnClose(false)
|
listener.SetUnlinkOnClose(false)
|
||||||
@ -98,6 +100,7 @@ func (v *virtiofsd) Start(ctx context.Context) (int, error) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
|
defer socketFD.Close()
|
||||||
|
|
||||||
cmd.ExtraFiles = append(cmd.ExtraFiles, socketFD)
|
cmd.ExtraFiles = append(cmd.ExtraFiles, socketFD)
|
||||||
|
|
||||||
@ -128,7 +131,7 @@ func (v *virtiofsd) Start(ctx context.Context) (int, error) {
|
|||||||
v.wait = waitVirtiofsReady
|
v.wait = waitVirtiofsReady
|
||||||
}
|
}
|
||||||
|
|
||||||
return pid, socketFD.Close()
|
return cmd.Process.Pid, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (v *virtiofsd) Stop(ctx context.Context) error {
|
func (v *virtiofsd) Stop(ctx context.Context) error {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user