Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bugfix: remove pids-limit initial value #1354

Merged
merged 1 commit into from
May 21, 2018
Merged

bugfix: remove pids-limit initial value #1354

merged 1 commit into from
May 21, 2018

Conversation

Ace-Tang
Copy link
Contributor

pids-limit should have zero as initial value, or runtime
will fail to set if kernel not support pid-limit, that will
fail to start container.

Signed-off-by: Ace-Tang aceapril@126.com

Ⅰ. Describe what this PR did

Ⅱ. Does this pull request fix one issue?

Ⅲ. Describe how you did it

Ⅳ. Describe how to verify it

Ⅴ. Special notes for reviews

@pouchrobot pouchrobot added kind/bug This is bug report for project size/XS labels May 18, 2018
@codecov-io
Copy link

codecov-io commented May 18, 2018
edited
Loading

Codecov Report

Merging #1354 into master will decrease coverage by 0.01%.
The diff coverage is 0%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #1354      +/-   ##
==========================================
- Coverage   17.34%   17.32%   -0.02%     
==========================================
  Files         189      189              
  Lines       11832    11822      -10     
==========================================
- Hits         2052     2048       -4     
+ Misses       9633     9627       -6     
  Partials      147      147
Impacted Files Coverage Δ
cli/common_flags.go 0% <0%> (ø) ⬆️
daemon/mgr/image_store.go 80.7% <0%> (-0.66%) ⬇️
daemon/mgr/system.go 0% <0%> (ø) ⬆️
daemon/mgr/volume.go 0% <0%> (ø) ⬆️
cri/src/cri.go 0% <0%> (ø) ⬆️
daemon/mgr/container.go 0% <0%> (ø) ⬆️
cli/info.go 0% <0%> (ø) ⬆️
daemon/mgr/image.go 0% <0%> (ø) ⬆️

fuweid
fuweid reviewed May 18, 2018
View reviewed changes
cli/common_flags.go Outdated
@@ -84,7 +84,7 @@ func addCommonFlags(flagSet *pflag.FlagSet) *container {

flagSet.StringVarP(&c.workdir, "workdir", "w", "", "Set the working directory in a container")
flagSet.Var(&c.ulimit, "ulimit", "Set container ulimit")
flagSet.Int64Var(&c.pidsLimit, "pids-limit", -1, "Set container pids limit, -1 for unlimited")
flagSet.Int64Var(&c.pidsLimit, "pids-limit", 0, "Set container pids limit, -1 for unlimited")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I check the document and I think the unlimited setting should be max.

It's correct?

I check this in my env:

➜  ~ cat /sys/fs/cgroup/pids/user.slice/pids.max
max

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And please update the comment for the pidsLimit.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you are right, comment maybe confused, -1 here just means in runc, we would not set value for pid.max , it will jump the set. Maybe we can add more comment, but -1 here is really for unlimit set, @fuweid

if cgroup.Resources.PidsLimit != 0 {
 31         // "max" is the fallback value.
 32         limit := "max"
 33 
 34         if cgroup.Resources.PidsLimit > 0 {
 35             limit = strconv.FormatInt(cgroup.Resources.PidsLimit, 10)
 36         }
 37 
 38         if err := writeFile(path, "pids.max", limit); err != nil {
 39             return err
 40         }
 41     }

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I get something wrong.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, -1 means will still set max for pids.max, but if pids cgroup is not mount, it will go error, let me re-write the comment.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice

@Ace-Tang
bugfix: remove pids-limit initial value
da41699 
pids-limit should have zero as initial value, or runtime
will fail to set if kernel not support pid-limit, that will
fail to start container.

Signed-off-by: Ace-Tang <aceapril@126.com>
@fuweid
Copy link
Contributor

fuweid commented May 21, 2018

LGTM

@fuweid fuweid merged commit 1a982bf into AliyunContainerService:master May 21, 2018
@fuweid
Copy link
Contributor

fuweid commented May 21, 2018

BTW, I think we should add some tests for the cgroup settings in the next step.

@Ace-Tang Ace-Tang deleted the fix_pid_limit_initial_value branch May 21, 2018 03:18
@Ace-Tang
Copy link
Contributor Author

Yes, cgroup file existing should be check first

@pouchrobot pouchrobot mentioned this pull request May 24, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fuweid fuweid fuweid left review comments

Assignees
No one assigned
Labels
kind/bug This is bug report for project size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Ace-Tang @codecov-io @fuweid @pouchrobot