Package: lxc
Version: 1:1.0.6-6
Severity: normal
This isn't really a bug report but rather just to ask you some
questions.
For CPU related stuff, the man page quotes
CONTROL GROUP
This configuration will setup several control groups for the
application, cpuset.cpus
restricts usage of the defined cpu, cpus.share prioritize the
control group, devices.allow
makes usable the specified devices.
lxc.cgroup.cpuset.cpus = 0,1
lxc.cgroup.cpu.shares = 1234
lxc.cgroup.devices.deny = a
lxc.cgroup.devices.allow = c 1:3 rw
lxc.cgroup.devices.allow = b 8:0 rw
I set the same in the config file, and now I hope to contain the CPU to only a
subset of the available logical CPUs.
Inside the container, the output of getconf results in:
ubuntu@trusty-test:~$ getconf _NPROCESSORS_ONLN
8
Whereas in reality, only 2 procs should be available. Do we see the need to
build more intelligence inside the containers ?
-- System Information:
Debian Release: 8.0
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages lxc depends on:
ii init-system-helpers 1.22
ii libapparmor1 2.9.0-3
ii libc6 2.19-13
ii libcap2 1:2.24-6
ii libseccomp2 2.1.1-1
ii libselinux1 2.3-2
ii multiarch-support 2.19-13
ii python3 3.4.2-2
Versions of packages lxc recommends:
ii debootstrap 1.0.66
ii openssl 1.0.1k-1
ii rsync 3.1.1-2+b1
Versions of packages lxc suggests:
pn lua5.2 <none>
-- Configuration Files:
/etc/init.d/lxc changed:
sysconfdir="/etc"
bindir="/usr/bin"
localstatedir="/var"
mount_cgroups="yes"
cgroups="cpuset cpu cpuacct devices freezer net_cls blkio perf_event"
! grep -qs cgroup_enable=memory /proc/cmdline || cgroups="$cgroups memory"
BOOTGROUPS="onboot,"
SHUTDOWNDELAY=5
OPTIONS=
STOPOPTS="-a -s"
test ! -r /lib/lsb/init-functions ||
. /lib/lsb/init-functions
test ! -r "$sysconfdir"/sysconfig/lxc ||
. "$sysconfdir"/sysconfig/lxc
[ -x "$bindir"/lxc-autostart ] || exit 1
systemd_running()
{
if [ -d /run/systemd/system ] ; then
return 0
fi
return 1
}
mount_cgroups()
{
if ! systemd_running
then
mount -t tmpfs cgroup_root /sys/fs/cgroup || return 1
for M in $cgroups; do
mkdir /sys/fs/cgroup/$M || return 1
mount -t cgroup -o rw,nosuid,nodev,noexec,relatime,$M "cgroup_${M}"
"/sys/fs/cgroup/${M}" || return 1
done
else
log_warning_msg "Systemd running, skipping cgroup mount."
fi
}
umount_cgroups()
{
if ! systemd_running
then
for M in $cgroups; do
umount "cgroup_${M}"
rmdir /sys/fs/cgroup/$M
done
umount cgroup_root
else
log_warning_msg "Systemd running, skipping cgroup mount."
fi
}
check_mount_cgroup_options() {
if ! [ "$mount_cgroups" = "yes" ]; then
return 1
else
return 0
fi
}
wait_for_bridge()
{
[ -f "$sysconfdir"/lxc/default.conf ] || { return 0; }
which ifconfig >/dev/null 2>&1
if [ $? = 0 ]; then
cmd="ifconfig -a"
else
which ip >/dev/null 2>&1
if [ $? = 0 ]; then
cmd="ip link list"
fi
fi
[ -n cmd ] || { return 0; }
BRNAME=`grep '^[ ]*lxc.network.link' "$sysconfdir"/lxc/default.conf |
sed 's/^.*=[ ]*//'`
if [ -z "$BRNAME" ]; then
return 0
fi
for try in `seq 1 30`; do
eval $cmd |grep "^$BRNAME" >/dev/null 2>&1
if [ $? = 0 ]; then
return
fi
sleep 1
done
}
mkdir -p /var/lock/subsys
case "$1" in
start)
if check_mount_cgroup_options; then
if ! mount_cgroups; then
log_warning_msg "Cannot mount cgroups layout"
exit 1;
fi
fi
[ ! -f "$localstatedir"/lock/subsys/lxc ] || { exit 0; }
if [ -n "$BOOTGROUPS" ]
then
BOOTGROUPS="-g $BOOTGROUPS"
fi
# Start containers
wait_for_bridge
# Start autoboot containers first then the NULL group "onboot,".
log_daemon_msg "Starting LXC autoboot containers: "
"$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
touch "$localstatedir"/lock/subsys/lxc
;;
stop)
if [ -n "$SHUTDOWNDELAY" ]
then
SHUTDOWNDELAY="-t $SHUTDOWNDELAY"
fi
if check_mount_cgroup_options; then
umount_cgroups;
fi
# The stop is serialized and can take excessive time. We need to avoid
# delaying the system shutdown / reboot as much as we can since it's not
# parallelized... Even 5 second timout may be too long.
log_daemon_msg "Stopping LXC containers: "
"$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
rm -f "$localstatedir"/lock/subsys/lxc
;;
restart|reload|force-reload)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|reload|force-reload}"
exit 2
esac
exit $?
/etc/lxc/default.conf changed:
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = lxcbr0
lxc.cgroup.cpuset.cpus = 0,1
lxc.cgroup.cpu.shares = 1234
lxc.cgroup.memory.limit_in_bytes = 2147483648
lxc.cgroup.memory.soft_limit_in_bytes = 1073741824
-- no debconf information
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
