On Sat, Jan 16, 2016 at 09:32:39PM +0100, Stanislav Kinsburskiу wrote: > Hi, > > What it's the reason behind this proposal?
1) Fix the restore problem introduced with your commit 2) Performance or uncontrollable mount of cgroups from inside of container is _really_ a huge problem affecting the node. Until there is a strong reason to allow mounting we should disable it. > The only thing you mentioned and which used not fixed is perfomance issues. > If so, then it's not a sufficient reason from my POW, because we are loosing > generic functionality. > I suspect, that the are programs, which use cgroups for their internal needs. > What will we do with them, if cgroup mounts are forbidden? I don't know ones which require own mounting. iirc docker was able to work if cgroups mounting is disabled and all cgroups are already preconfigured (but this should be double checked). Note that we're talking about _mounting_, because you still can create new cgroups nested. _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
