github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-19 09:52:49 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #89182 from dims/just-use-runtime-numcpu

Browse Source 
Just use runtime.NumCPU on windows
This commit is contained in:
Kubernetes Prow Robot 2020-03-19 06:05:51 -07:00 committed by GitHub
commit dfb6993947
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 5 additions and 721 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/kubelet/dockershim/BUILD
View File

@ -78,7 +78,6 @@ go_library(
"//pkg/kubelet/apis:go_default_library",
"//pkg/kubelet/winstats:go_default_library",
"//vendor/github.com/Microsoft/hcsshim:go_default_library",
"//vendor/github.com/docker/docker/pkg/sysinfo:go_default_library",
"//vendor/golang.org/x/sys/windows/registry:go_default_library",
],
"//conditions:default": [],

4
pkg/kubelet/dockershim/helpers_windows.go
View File

@ -20,12 +20,12 @@ package dockershim
import (
"os"
"runtime"
"github.com/blang/semver"
dockertypes "github.com/docker/docker/api/types"
dockercontainer "github.com/docker/docker/api/types/container"
dockerfilters "github.com/docker/docker/api/types/filters"
"github.com/docker/docker/pkg/sysinfo"
"k8s.io/klog"
runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1alpha2"
@ -75,7 +75,7 @@ func (ds *dockerService) updateCreateConfig(
Memory: rOpts.MemoryLimitInBytes,
CPUShares: rOpts.CpuShares,
CPUCount: rOpts.CpuCount,
NanoCPUs: rOpts.CpuMaximum * int64(sysinfo.NumCPU()) * (1e9 / 10000),
NanoCPUs: rOpts.CpuMaximum * int64(runtime.NumCPU()) * (1e9 / 10000),
}
}

1
pkg/kubelet/kuberuntime/BUILD
View File

@ -83,7 +83,6 @@ go_library(
],
"@io_bazel_rules_go//go/platform:windows": [
"//pkg/kubelet/apis:go_default_library",
"//vendor/github.com/docker/docker/pkg/sysinfo:go_default_library",
],
"//conditions:default": [],
}),

5
pkg/kubelet/kuberuntime/kuberuntime_container_windows.go
View File

@ -20,8 +20,7 @@ package kuberuntime
import (
"fmt"
"github.com/docker/docker/pkg/sysinfo"
"runtime"
"k8s.io/api/core/v1"
utilfeature "k8s.io/apiserver/pkg/util/feature"
@ -85,7 +84,7 @@ func (m *kubeGenericRuntimeManager) generateWindowsContainerConfig(container *v1
// https://github.com/opencontainers/runtime-spec/blob/ad53dcdc39f1f7f7472b10aa0a45648fe4865496/config-windows.md#cpu
// If both CpuWeight and CpuMaximum are set - ContainerD catches this invalid case and returns an error instead.
cpuMaximum := 10000 * cpuLimit.MilliValue() / int64(sysinfo.NumCPU()) / 1000
cpuMaximum := 10000 * cpuLimit.MilliValue() / int64(runtime.NumCPU()) / 1000
// TODO: This should be reviewed or removed once Hyper-V support is implemented with CRI-ContainerD
// in a future release. cpuCount may or may not be required if cpuMaximum is set.

3
vendor/BUILD vendored
View File

@ -116,9 +116,8 @@ filegroup(
"//vendor/github.com/docker/docker/errdefs:all-srcs",
"//vendor/github.com/docker/docker/pkg/jsonmessage:all-srcs",
"//vendor/github.com/docker/docker/pkg/mount:all-srcs",
"//vendor/github.com/docker/docker/pkg/parsers:all-srcs",
"//vendor/github.com/docker/docker/pkg/parsers/operatingsystem:all-srcs",
"//vendor/github.com/docker/docker/pkg/stdcopy:all-srcs",
"//vendor/github.com/docker/docker/pkg/sysinfo:all-srcs",
"//vendor/github.com/docker/docker/pkg/term:all-srcs",
"//vendor/github.com/docker/go-connections/nat:all-srcs",
"//vendor/github.com/docker/go-connections/sockets:all-srcs",

26
vendor/github.com/docker/docker/pkg/parsers/BUILD generated vendored
View File

@ -1,26 +0,0 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
srcs = ["parsers.go"],
importmap = "k8s.io/kubernetes/vendor/github.com/docker/docker/pkg/parsers",
importpath = "github.com/docker/docker/pkg/parsers",
visibility = ["//visibility:public"],
)
filegroup(
name = "package-srcs",
srcs = glob(["**"]),
tags = ["automanaged"],
visibility = ["//visibility:private"],
)
filegroup(
name = "all-srcs",
srcs = [
":package-srcs",
"//vendor/github.com/docker/docker/pkg/parsers/operatingsystem:all-srcs",
],
tags = ["automanaged"],
visibility = ["//visibility:public"],
)

97
vendor/github.com/docker/docker/pkg/parsers/parsers.go generated vendored
View File

@ -1,97 +0,0 @@
// Package parsers provides helper functions to parse and validate different type
// of string. It can be hosts, unix addresses, tcp addresses, filters, kernel
// operating system versions.
package parsers // import "github.com/docker/docker/pkg/parsers"
import (
"fmt"
"strconv"
"strings"
)
// ParseKeyValueOpt parses and validates the specified string as a key/value pair (key=value)
func ParseKeyValueOpt(opt string) (string, string, error) {
parts := strings.SplitN(opt, "=", 2)
if len(parts) != 2 {
return "", "", fmt.Errorf("Unable to parse key/value option: %s", opt)
}
return strings.TrimSpace(parts[0]), strings.TrimSpace(parts[1]), nil
}
// ParseUintListMaximum parses and validates the specified string as the value
// found in some cgroup file (e.g. `cpuset.cpus`, `cpuset.mems`), which could be
// one of the formats below. Note that duplicates are actually allowed in the
// input string. It returns a `map[int]bool` with available elements from `val`
// set to `true`. Values larger than `maximum` cause an error if max is non zero,
// in order to stop the map becoming excessively large.
// Supported formats:
// 7
// 1-6
// 0,3-4,7,8-10
// 0-0,0,1-7
// 03,1-3 <- this is gonna get parsed as [1,2,3]
// 3,2,1
// 0-2,3,1
func ParseUintListMaximum(val string, maximum int) (map[int]bool, error) {
return parseUintList(val, maximum)
}
// ParseUintList parses and validates the specified string as the value
// found in some cgroup file (e.g. `cpuset.cpus`, `cpuset.mems`), which could be
// one of the formats below. Note that duplicates are actually allowed in the
// input string. It returns a `map[int]bool` with available elements from `val`
// set to `true`.
// Supported formats:
// 7
// 1-6
// 0,3-4,7,8-10
// 0-0,0,1-7
// 03,1-3 <- this is gonna get parsed as [1,2,3]
// 3,2,1
// 0-2,3,1
func ParseUintList(val string) (map[int]bool, error) {
return parseUintList(val, 0)
}
func parseUintList(val string, maximum int) (map[int]bool, error) {
if val == "" {
return map[int]bool{}, nil
}
availableInts := make(map[int]bool)
split := strings.Split(val, ",")
errInvalidFormat := fmt.Errorf("invalid format: %s", val)
for _, r := range split {
if !strings.Contains(r, "-") {
v, err := strconv.Atoi(r)
if err != nil {
return nil, errInvalidFormat
}
if maximum != 0 && v > maximum {
return nil, fmt.Errorf("value of out range, maximum is %d", maximum)
}
availableInts[v] = true
} else {
split := strings.SplitN(r, "-", 2)
min, err := strconv.Atoi(split[0])
if err != nil {
return nil, errInvalidFormat
}
max, err := strconv.Atoi(split[1])
if err != nil {
return nil, errInvalidFormat
}
if max < min {
return nil, errInvalidFormat
}
if maximum != 0 && max > maximum {
return nil, fmt.Errorf("value of out range, maximum is %d", maximum)
}
for i := min; i <= max; i++ {
availableInts[i] = true
}
}
}
return availableInts, nil
}

49
vendor/github.com/docker/docker/pkg/sysinfo/BUILD generated vendored
View File

@ -1,49 +0,0 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
srcs = [
"numcpu.go",
"numcpu_linux.go",
"numcpu_windows.go",
"sysinfo.go",
"sysinfo_linux.go",
"sysinfo_unix.go",
"sysinfo_windows.go",
],
importmap = "k8s.io/kubernetes/vendor/github.com/docker/docker/pkg/sysinfo",
importpath = "github.com/docker/docker/pkg/sysinfo",
visibility = ["//visibility:public"],
deps = [
"//vendor/github.com/docker/docker/pkg/parsers:go_default_library",
] + select({
"@io_bazel_rules_go//go/platform:android": [
"//vendor/github.com/opencontainers/runc/libcontainer/cgroups:go_default_library",
"//vendor/github.com/sirupsen/logrus:go_default_library",
"//vendor/golang.org/x/sys/unix:go_default_library",
],
"@io_bazel_rules_go//go/platform:linux": [
"//vendor/github.com/opencontainers/runc/libcontainer/cgroups:go_default_library",
"//vendor/github.com/sirupsen/logrus:go_default_library",
"//vendor/golang.org/x/sys/unix:go_default_library",
],
"@io_bazel_rules_go//go/platform:windows": [
"//vendor/golang.org/x/sys/windows:go_default_library",
],
"//conditions:default": [],
}),
)
filegroup(
name = "package-srcs",
srcs = glob(["**"]),
tags = ["automanaged"],
visibility = ["//visibility:private"],
)
filegroup(
name = "all-srcs",
srcs = [":package-srcs"],
tags = ["automanaged"],
visibility = ["//visibility:public"],
)

1
vendor/github.com/docker/docker/pkg/sysinfo/README.md generated vendored
View File

@ -1 +0,0 @@
SysInfo stores information about which features a kernel supports.

12
vendor/github.com/docker/docker/pkg/sysinfo/numcpu.go generated vendored
View File

@ -1,12 +0,0 @@
// +build !linux,!windows
package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
import (
"runtime"
)
// NumCPU returns the number of CPUs
func NumCPU() int {
return runtime.NumCPU()
}

42
vendor/github.com/docker/docker/pkg/sysinfo/numcpu_linux.go generated vendored
View File

@ -1,42 +0,0 @@
package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
import (
"runtime"
"unsafe"
"golang.org/x/sys/unix"
)
// numCPU queries the system for the count of threads available
// for use to this process.
//
// Issues two syscalls.
// Returns 0 on errors. Use |runtime.NumCPU| in that case.
func numCPU() int {
// Gets the affinity mask for a process: The very one invoking this function.
pid, _, _ := unix.RawSyscall(unix.SYS_GETPID, 0, 0, 0)
var mask [1024 / 64]uintptr
_, _, err := unix.RawSyscall(unix.SYS_SCHED_GETAFFINITY, pid, uintptr(len(mask)*8), uintptr(unsafe.Pointer(&mask[0])))
if err != 0 {
return 0
}
// For every available thread a bit is set in the mask.
ncpu := 0
for _, e := range mask {
if e == 0 {
continue
}
ncpu += int(popcnt(uint64(e)))
}
return ncpu
}
// NumCPU returns the number of CPUs which are currently online
func NumCPU() int {
if ncpu := numCPU(); ncpu > 0 {
return ncpu
}
return runtime.NumCPU()
}

35
vendor/github.com/docker/docker/pkg/sysinfo/numcpu_windows.go generated vendored
View File

@ -1,35 +0,0 @@
package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
import (
"runtime"
"unsafe"
"golang.org/x/sys/windows"
)
var (
kernel32 = windows.NewLazySystemDLL("kernel32.dll")
getCurrentProcess = kernel32.NewProc("GetCurrentProcess")
getProcessAffinityMask = kernel32.NewProc("GetProcessAffinityMask")
)
func numCPU() int {
// Gets the affinity mask for a process
var mask, sysmask uintptr
currentProcess, _, _ := getCurrentProcess.Call()
ret, _, _ := getProcessAffinityMask.Call(currentProcess, uintptr(unsafe.Pointer(&mask)), uintptr(unsafe.Pointer(&sysmask)))
if ret == 0 {
return 0
}
// For every available thread a bit is set in the mask.
ncpu := int(popcnt(uint64(mask)))
return ncpu
}
// NumCPU returns the number of CPUs which are currently online
func NumCPU() int {
if ncpu := numCPU(); ncpu > 0 {
return ncpu
}
return runtime.NumCPU()
}

155
vendor/github.com/docker/docker/pkg/sysinfo/sysinfo.go generated vendored
View File

@ -1,155 +0,0 @@
package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
import "github.com/docker/docker/pkg/parsers"
// SysInfo stores information about which features a kernel supports.
// TODO Windows: Factor out platform specific capabilities.
type SysInfo struct {
// Whether the kernel supports AppArmor or not
AppArmor bool
// Whether the kernel supports Seccomp or not
Seccomp bool
cgroupMemInfo
cgroupCPUInfo
cgroupBlkioInfo
cgroupCpusetInfo
cgroupPids
// Whether IPv4 forwarding is supported or not, if this was disabled, networking will not work
IPv4ForwardingDisabled bool
// Whether bridge-nf-call-iptables is supported or not
BridgeNFCallIPTablesDisabled bool
// Whether bridge-nf-call-ip6tables is supported or not
BridgeNFCallIP6TablesDisabled bool
// Whether the cgroup has the mountpoint of "devices" or not
CgroupDevicesEnabled bool
}
type cgroupMemInfo struct {
// Whether memory limit is supported or not
MemoryLimit bool
// Whether swap limit is supported or not
SwapLimit bool
// Whether soft limit is supported or not
MemoryReservation bool
// Whether OOM killer disable is supported or not
OomKillDisable bool
// Whether memory swappiness is supported or not
MemorySwappiness bool
// Whether kernel memory limit is supported or not
KernelMemory bool
// Whether kernel memory TCP limit is supported or not
KernelMemoryTCP bool
}
type cgroupCPUInfo struct {
// Whether CPU shares is supported or not
CPUShares bool
// Whether CPU CFS(Completely Fair Scheduler) period is supported or not
CPUCfsPeriod bool
// Whether CPU CFS(Completely Fair Scheduler) quota is supported or not
CPUCfsQuota bool
// Whether CPU real-time period is supported or not
CPURealtimePeriod bool
// Whether CPU real-time runtime is supported or not
CPURealtimeRuntime bool
}
type cgroupBlkioInfo struct {
// Whether Block IO weight is supported or not
BlkioWeight bool
// Whether Block IO weight_device is supported or not
BlkioWeightDevice bool
// Whether Block IO read limit in bytes per second is supported or not
BlkioReadBpsDevice bool
// Whether Block IO write limit in bytes per second is supported or not
BlkioWriteBpsDevice bool
// Whether Block IO read limit in IO per second is supported or not
BlkioReadIOpsDevice bool
// Whether Block IO write limit in IO per second is supported or not
BlkioWriteIOpsDevice bool
}
type cgroupCpusetInfo struct {
// Whether Cpuset is supported or not
Cpuset bool
// Available Cpuset's cpus
Cpus string
// Available Cpuset's memory nodes
Mems string
}
type cgroupPids struct {
// Whether Pids Limit is supported or not
PidsLimit bool
}
// IsCpusetCpusAvailable returns `true` if the provided string set is contained
// in cgroup's cpuset.cpus set, `false` otherwise.
// If error is not nil a parsing error occurred.
func (c cgroupCpusetInfo) IsCpusetCpusAvailable(provided string) (bool, error) {
return isCpusetListAvailable(provided, c.Cpus)
}
// IsCpusetMemsAvailable returns `true` if the provided string set is contained
// in cgroup's cpuset.mems set, `false` otherwise.
// If error is not nil a parsing error occurred.
func (c cgroupCpusetInfo) IsCpusetMemsAvailable(provided string) (bool, error) {
return isCpusetListAvailable(provided, c.Mems)
}
func isCpusetListAvailable(provided, available string) (bool, error) {
parsedAvailable, err := parsers.ParseUintList(available)
if err != nil {
return false, err
}
// 8192 is the normal maximum number of CPUs in Linux, so accept numbers up to this
// or more if we actually have more CPUs.
max := 8192
for m := range parsedAvailable {
if m > max {
max = m
}
}
parsedProvided, err := parsers.ParseUintListMaximum(provided, max)
if err != nil {
return false, err
}
for k := range parsedProvided {
if !parsedAvailable[k] {
return false, nil
}
}
return true, nil
}
// Returns bit count of 1, used by NumCPU
func popcnt(x uint64) (n byte) {
x -= (x >> 1) & 0x5555555555555555
x = (x>>2)&0x3333333333333333 + x&0x3333333333333333
x += x >> 4
x &= 0x0f0f0f0f0f0f0f0f
x *= 0x0101010101010101
return byte(x >> 56)
}

277
vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_linux.go generated vendored
View File

@ -1,277 +0,0 @@
package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
import (
"fmt"
"io/ioutil"
"os"
"path"
"strings"
"github.com/opencontainers/runc/libcontainer/cgroups"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
)
func findCgroupMountpoints() (map[string]string, error) {
cgMounts, err := cgroups.GetCgroupMounts(false)
if err != nil {
return nil, fmt.Errorf("Failed to parse cgroup information: %v", err)
}
mps := make(map[string]string)
for _, m := range cgMounts {
for _, ss := range m.Subsystems {
mps[ss] = m.Mountpoint
}
}
return mps, nil
}
type infoCollector func(info *SysInfo, cgMounts map[string]string) (warnings []string)
// New returns a new SysInfo, using the filesystem to detect which features
// the kernel supports. If `quiet` is `false` warnings are printed in logs
// whenever an error occurs or misconfigurations are present.
func New(quiet bool) *SysInfo {
var ops []infoCollector
var warnings []string
sysInfo := &SysInfo{}
cgMounts, err := findCgroupMountpoints()
if err != nil {
logrus.Warn(err)
} else {
ops = append(ops, []infoCollector{
applyMemoryCgroupInfo,
applyCPUCgroupInfo,
applyBlkioCgroupInfo,
applyCPUSetCgroupInfo,
applyPIDSCgroupInfo,
applyDevicesCgroupInfo,
}...)
}
ops = append(ops, []infoCollector{
applyNetworkingInfo,
applyAppArmorInfo,
applySeccompInfo,
}...)
for _, o := range ops {
w := o(sysInfo, cgMounts)
warnings = append(warnings, w...)
}
if !quiet {
for _, w := range warnings {
logrus.Warn(w)
}
}
return sysInfo
}
// applyMemoryCgroupInfo reads the memory information from the memory cgroup mount point.
func applyMemoryCgroupInfo(info *SysInfo, cgMounts map[string]string) []string {
var warnings []string
mountPoint, ok := cgMounts["memory"]
if !ok {
warnings = append(warnings, "Your kernel does not support cgroup memory limit")
return warnings
}
info.MemoryLimit = ok
info.SwapLimit = cgroupEnabled(mountPoint, "memory.memsw.limit_in_bytes")
if !info.SwapLimit {
warnings = append(warnings, "Your kernel does not support swap memory limit")
}
info.MemoryReservation = cgroupEnabled(mountPoint, "memory.soft_limit_in_bytes")
if !info.MemoryReservation {
warnings = append(warnings, "Your kernel does not support memory reservation")
}
info.OomKillDisable = cgroupEnabled(mountPoint, "memory.oom_control")
if !info.OomKillDisable {
warnings = append(warnings, "Your kernel does not support oom control")
}
info.MemorySwappiness = cgroupEnabled(mountPoint, "memory.swappiness")
if !info.MemorySwappiness {
warnings = append(warnings, "Your kernel does not support memory swappiness")
}
info.KernelMemory = cgroupEnabled(mountPoint, "memory.kmem.limit_in_bytes")
if !info.KernelMemory {
warnings = append(warnings, "Your kernel does not support kernel memory limit")
}
info.KernelMemoryTCP = cgroupEnabled(mountPoint, "memory.kmem.tcp.limit_in_bytes")
if !info.KernelMemoryTCP {
warnings = append(warnings, "Your kernel does not support kernel memory TCP limit")
}
return warnings
}
// applyCPUCgroupInfo reads the cpu information from the cpu cgroup mount point.
func applyCPUCgroupInfo(info *SysInfo, cgMounts map[string]string) []string {
var warnings []string
mountPoint, ok := cgMounts["cpu"]
if !ok {
warnings = append(warnings, "Unable to find cpu cgroup in mounts")
return warnings
}
info.CPUShares = cgroupEnabled(mountPoint, "cpu.shares")
if !info.CPUShares {
warnings = append(warnings, "Your kernel does not support cgroup cpu shares")
}
info.CPUCfsPeriod = cgroupEnabled(mountPoint, "cpu.cfs_period_us")
if !info.CPUCfsPeriod {
warnings = append(warnings, "Your kernel does not support cgroup cfs period")
}
info.CPUCfsQuota = cgroupEnabled(mountPoint, "cpu.cfs_quota_us")
if !info.CPUCfsQuota {
warnings = append(warnings, "Your kernel does not support cgroup cfs quotas")
}
info.CPURealtimePeriod = cgroupEnabled(mountPoint, "cpu.rt_period_us")
if !info.CPURealtimePeriod {
warnings = append(warnings, "Your kernel does not support cgroup rt period")
}
info.CPURealtimeRuntime = cgroupEnabled(mountPoint, "cpu.rt_runtime_us")
if !info.CPURealtimeRuntime {
warnings = append(warnings, "Your kernel does not support cgroup rt runtime")
}
return warnings
}
// applyBlkioCgroupInfo reads the blkio information from the blkio cgroup mount point.
func applyBlkioCgroupInfo(info *SysInfo, cgMounts map[string]string) []string {
var warnings []string
mountPoint, ok := cgMounts["blkio"]
if !ok {
warnings = append(warnings, "Unable to find blkio cgroup in mounts")
return warnings
}
info.BlkioWeight = cgroupEnabled(mountPoint, "blkio.weight")
if !info.BlkioWeight {
warnings = append(warnings, "Your kernel does not support cgroup blkio weight")
}
info.BlkioWeightDevice = cgroupEnabled(mountPoint, "blkio.weight_device")
if !info.BlkioWeightDevice {
warnings = append(warnings, "Your kernel does not support cgroup blkio weight_device")
}
info.BlkioReadBpsDevice = cgroupEnabled(mountPoint, "blkio.throttle.read_bps_device")
if !info.BlkioReadBpsDevice {
warnings = append(warnings, "Your kernel does not support cgroup blkio throttle.read_bps_device")
}
info.BlkioWriteBpsDevice = cgroupEnabled(mountPoint, "blkio.throttle.write_bps_device")
if !info.BlkioWriteBpsDevice {
warnings = append(warnings, "Your kernel does not support cgroup blkio throttle.write_bps_device")
}
info.BlkioReadIOpsDevice = cgroupEnabled(mountPoint, "blkio.throttle.read_iops_device")
if !info.BlkioReadIOpsDevice {
warnings = append(warnings, "Your kernel does not support cgroup blkio throttle.read_iops_device")
}
info.BlkioWriteIOpsDevice = cgroupEnabled(mountPoint, "blkio.throttle.write_iops_device")
if !info.BlkioWriteIOpsDevice {
warnings = append(warnings, "Your kernel does not support cgroup blkio throttle.write_iops_device")
}
return warnings
}
// applyCPUSetCgroupInfo reads the cpuset information from the cpuset cgroup mount point.
func applyCPUSetCgroupInfo(info *SysInfo, cgMounts map[string]string) []string {
var warnings []string
mountPoint, ok := cgMounts["cpuset"]
if !ok {
warnings = append(warnings, "Unable to find cpuset cgroup in mounts")
return warnings
}
info.Cpuset = ok
var err error
cpus, err := ioutil.ReadFile(path.Join(mountPoint, "cpuset.cpus"))
if err != nil {
return warnings
}
info.Cpus = strings.TrimSpace(string(cpus))
mems, err := ioutil.ReadFile(path.Join(mountPoint, "cpuset.mems"))
if err != nil {
return warnings
}
info.Mems = strings.TrimSpace(string(mems))
return warnings
}
// applyPIDSCgroupInfo reads the pids information from the pids cgroup mount point.
func applyPIDSCgroupInfo(info *SysInfo, _ map[string]string) []string {
var warnings []string
_, err := cgroups.FindCgroupMountpoint("", "pids")
if err != nil {
warnings = append(warnings, err.Error())
return warnings
}
info.PidsLimit = true
return warnings
}
// applyDevicesCgroupInfo reads the pids information from the devices cgroup mount point.
func applyDevicesCgroupInfo(info *SysInfo, cgMounts map[string]string) []string {
var warnings []string
_, ok := cgMounts["devices"]
info.CgroupDevicesEnabled = ok
return warnings
}
// applyNetworkingInfo adds networking information to the info.
func applyNetworkingInfo(info *SysInfo, _ map[string]string) []string {
var warnings []string
info.IPv4ForwardingDisabled = !readProcBool("/proc/sys/net/ipv4/ip_forward")
info.BridgeNFCallIPTablesDisabled = !readProcBool("/proc/sys/net/bridge/bridge-nf-call-iptables")
info.BridgeNFCallIP6TablesDisabled = !readProcBool("/proc/sys/net/bridge/bridge-nf-call-ip6tables")
return warnings
}
// applyAppArmorInfo adds AppArmor information to the info.
func applyAppArmorInfo(info *SysInfo, _ map[string]string) []string {
var warnings []string
if _, err := os.Stat("/sys/kernel/security/apparmor"); !os.IsNotExist(err) {
if _, err := ioutil.ReadFile("/sys/kernel/security/apparmor/profiles"); err == nil {
info.AppArmor = true
}
}
return warnings
}
// applySeccompInfo checks if Seccomp is supported, via CONFIG_SECCOMP.
func applySeccompInfo(info *SysInfo, _ map[string]string) []string {
var warnings []string
// Check if Seccomp is supported, via CONFIG_SECCOMP.
if err := unix.Prctl(unix.PR_GET_SECCOMP, 0, 0, 0, 0); err != unix.EINVAL {
// Make sure the kernel has CONFIG_SECCOMP_FILTER.
if err := unix.Prctl(unix.PR_SET_SECCOMP, unix.SECCOMP_MODE_FILTER, 0, 0, 0); err != unix.EINVAL {
info.Seccomp = true
}
}
return warnings
}
func cgroupEnabled(mountPoint, name string) bool {
_, err := os.Stat(path.Join(mountPoint, name))
return err == nil
}
func readProcBool(path string) bool {
val, err := ioutil.ReadFile(path)
if err != nil {
return false
}
return strings.TrimSpace(string(val)) == "1"
}

9
vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_unix.go generated vendored
View File

@ -1,9 +0,0 @@
// +build !linux,!windows
package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
// New returns an empty SysInfo for non linux for now.
func New(quiet bool) *SysInfo {
sysInfo := &SysInfo{}
return sysInfo
}

7
vendor/github.com/docker/docker/pkg/sysinfo/sysinfo_windows.go generated vendored
View File

@ -1,7 +0,0 @@
package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
// New returns an empty SysInfo for windows for now.
func New(quiet bool) *SysInfo {
sysInfo := &SysInfo{}
return sysInfo
}

2
vendor/modules.txt vendored
View File

@ -237,10 +237,8 @@ github.com/docker/docker/daemon/logger/jsonfilelog/jsonlog
github.com/docker/docker/errdefs
github.com/docker/docker/pkg/jsonmessage
github.com/docker/docker/pkg/mount
github.com/docker/docker/pkg/parsers
github.com/docker/docker/pkg/parsers/operatingsystem
github.com/docker/docker/pkg/stdcopy
github.com/docker/docker/pkg/sysinfo
github.com/docker/docker/pkg/term
github.com/docker/docker/pkg/term/windows
# github.com/docker/go-connections v0.3.0 => github.com/docker/go-connections v0.3.0