This is an automated email from the ASF dual-hosted git repository.
bmahler pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mesos.git
The following commit(s) were added to refs/heads/master by this push:
new 7918b06c1 [cgroups2] Enable controller in parent cgroups during
prepare().
7918b06c1 is described below
commit 7918b06c11302f6c614ade51d4b327580588ac71
Author: Jason Zhou <[email protected]>
AuthorDate: Tue Aug 13 17:32:06 2024 -0400
[cgroups2] Enable controller in parent cgroups during prepare().
To support nested containers with nested cgroups, we need to enable
controllers in cgroup.subtree_control file for the appropriate nested
cgroup.
To do so, we need to ensure that the parents have the the requested
controller in their cgroup.subtree_control file so that the nested
cgroup can have the controller written into subtree_control as well.
Otherwise we will get a 'no such file or directory' error.
Review: https://reviews.apache.org/r/75166/
---
.../mesos/isolators/cgroups2/cgroups2.cpp | 22 +++++++++++++++-------
1 file changed, 15 insertions(+), 7 deletions(-)
diff --git a/src/slave/containerizer/mesos/isolators/cgroups2/cgroups2.cpp
b/src/slave/containerizer/mesos/isolators/cgroups2/cgroups2.cpp
index c9162c4ad..762bb1122 100644
--- a/src/slave/containerizer/mesos/isolators/cgroups2/cgroups2.cpp
+++ b/src/slave/containerizer/mesos/isolators/cgroups2/cgroups2.cpp
@@ -203,7 +203,7 @@ Future<Option<ContainerLaunchInfo>>
Cgroups2IsolatorProcess::prepare(
return Failure("Cgroup '" + nonLeafCgroup + "' already exists");
}
- Try<Nothing> create = cgroups2::create(nonLeafCgroup);
+ Try<Nothing> create = cgroups2::create(nonLeafCgroup, true);
if (create.isError()) {
return Failure("Failed to create cgroup '" + nonLeafCgroup + "': "
+ create.error());
@@ -215,7 +215,7 @@ Future<Option<ContainerLaunchInfo>>
Cgroups2IsolatorProcess::prepare(
return Failure("Cgroup '" + leafCgroup + "' already exists");
}
- create = cgroups2::create(leafCgroup);
+ create = cgroups2::create(leafCgroup, true);
if (create.isError()) {
return Failure("Failed to create cgroup '" + leafCgroup + "': "
+ create.error());
@@ -237,11 +237,19 @@ Future<Option<ContainerLaunchInfo>>
Cgroups2IsolatorProcess::prepare(
// of the containers, so we will only skip the call for
// cgroups2::controllers::enable.
if (!skip_enable.contains(controller->name())) {
- Try<Nothing> enable =
- cgroups2::controllers::enable(nonLeafCgroup, {controller->name()});
- if (enable.isError()) {
- return Failure("Failed to enable controller '" + controller->name() +
"'"
- " in cgroup '" + nonLeafCgroup + "': " +
enable.error());
+ vector<string> cgroup_tokens = strings::tokenize(
+ strings::remove(nonLeafCgroup, flags.cgroups_root, strings::PREFIX),
+ "/");
+ string current_cgroup = flags.cgroups_root;
+ foreach (const string& token, cgroup_tokens) {
+ current_cgroup = path::join(current_cgroup, token);
+ Try<Nothing> enable =
+ cgroups2::controllers::enable(current_cgroup, {controller->name()});
+ if (enable.isError()) {
+ return Failure(
+ "Failed to enable controller '" + controller->name() + "'"
+ " in cgroup '" + current_cgroup + "': " + enable.error());
+ }
}
}
