On Sat, Jan 16, 2016 at 11:13:15PM +0300, Cyrill Gorcunov wrote: > From: Cyrill Gorcunov <[email protected]> > Subject: [RFC rh7] ve/cgroup: Add pseudosuper state for restore sake > > Currently we allow to mount cgroups from inside of VEs context for > restore sake. But this will be a problem in future: every new mount > from inside of VE is actually degradates kernel performance. > > For this we introduce that named "pseudosuper" state of a container. > This cgroup member can be only set up from ve0 context but dropped > off from any context (including veX). Which allows us to restore > container and bring inability to mount cgroups once restore is done. > > In fact there are three players: the kernel itself which check for > pseudosuper status, the libvzctl which setup this status when > start and restore container, and criu which drops this status once > it complete restoring cgroups (calling libvzctl script upon namespace > creation). > > https://jira.sw.ru/browse/PSBM-34299 > https://jira.sw.ru/browse/PSBM-43169 > https://jira.sw.ru/browse/PSBM-42573 > > Signed-off-by: Cyrill Gorcunov <[email protected]> > CC: Vladimir Davydov <[email protected]> > CC: Konstantin Khorenko <[email protected]> > CC: Andrey Vagin <[email protected]> > CC: Igor Sukhih <[email protected]> > CC: Pavel Emelyanov <[email protected]>
Reviewed-by: Vladimir Davydov <[email protected]> _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
