Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

config-linux: clarify cgroup requirements #493

Merged
merged 4 commits into from
Jul 25, 2016

Conversation

cyphar
Copy link
Member

@cyphar cyphar commented Jun 8, 2016

This helps clear up some of the vagueness around cgroupsPath in the spec. It's
loosely modeled on what runC does (as well as allowing for custom cgroup
managers in runtimes). I also updated the cgroup section to make it clear that
lazy cgroup setup (where you only attach to the bare minimum of requested
cgroups) is allowed under the spec. This all originated from an IRC discussion
on #opencontainers.

This possibly obsoletes #270 (although that has some renaming going on).

Signed-off-by: Aleksa Sarai asarai@suse.de

/cc @opencontainers/runtime-spec-maintainers @wking

If `cgroupsPath` is not specified, implementations can define the default cgroup path.
If `cgroupsPath` is
* ... an absolute path (starting with `/`), the implementation MUST take the path to be relative to the cgroup mount point.
* ... a relative path (not starting with `/`), implementations SHOULD take the value to be the suffix of the resulting cgroup path.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: What does resulting cgroup path mean in this context? Did you mean relative to the cgroups of the runtime process?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm trying to make it not-too restrictive. There's no reason that a runtime has to make it relative to the cgroups of the runtime process. "Should be the suffix" means that it should be the last component in the path (but component is the wrong word since it can container /).

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Wed, Jun 08, 2016 at 10:07:28PM -0700, Aleksa Sarai wrote:

+* ... a relative path (not starting with /), implementations SHOULD take the value to be the suffix of the resulting cgroup path.

I'm trying to make it not-too restrictive. There's no reason that a
runtime has to make it relative to the cgroups of the runtime
process. "Should be the suffix" means that it should be the last
component in the path (but component is the wrong word since it can
container /).

How about:

… MAY interpret the path relative to a runtime-determined location
in the cgroup hierarchy.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I prefer SHOULD, since I believe a runtime should have a good reason for it to not do that way. But yes, I like that wording better.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Thu, Jun 09, 2016 at 05:42:57PM -0700, Aleksa Sarai wrote:

+* ... a relative path (not starting with /), implementations SHOULD take the value to be the suffix of the resulting cgroup path.

I prefer SHOULD, since I believe a runtime should have a good reason
for it to not do that way…

Is which leaf of a random runtime-generated directory you're at all
that important to you? I don't see a lot of space between MAY and
SHOULD here.

Copy link
Contributor

@wking wking Jun 10, 2016 via email

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But then you have the systemd cgroup manager, where you specify a slice (which may not be a new leaf). While this might all change in cgroupv2, currently I'm trying to allow for custom cgroup managers to be compliant as long as they allow "absolute paths mode".

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Thu, Jun 09, 2016 at 10:23:11PM -0700, Aleksa Sarai wrote:

+* ... a relative path (not starting with /), implementations SHOULD take the value to be the suffix of the resulting cgroup path.

But then you have the systemd cgroup manager, where you specify a
slice (which may not be a new leaf).

Then maybe require a runtime servicing multiple ‘create’ calls with
identical cgroupsPaths to always join the same cgroups (regardless of
the absolute/relative/unset-ness)? That way folks using relative
paths for systemd (or whatever) have some idea of whether they'll be
joining an existing node or creating a new leaf in the hierarchy.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've tried to resolve this in the latest version (saying that it must be consistent if a value of cgroupsPath is specified). I don't like the wording though, maybe you could help me reword it?

Implementations of the Spec can choose to name cgroups in any manner.
The Spec does not include naming schema for cgroups.
The Spec does not support [split hierarchy][cgroup-v2].
The Spec does not support the [unified or "default" hierarchy][cgroup-v2].
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The old wording is “we don't support per-controller paths” for the reasons discussed in cgroup-v2.txt. It's not about limiting the cgroup version. Although you're now the second person I've heard interpret the old wording that way, so we probably want to adjust the wording. I think we do want to support v2 cgroups though, and it may be more clear than I thought if the runtime joins both v1 and v2 cgroups as needed to collect the controllers it wants to join (because a given controller can only be exposed in the v1 or v2 hierarchy, and not in both at once). So if you want to join the devices controller and that controller's in the v2 hierarchy, you join the appropriate v2 cgroup.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it important to have this? Even if it was supported there would be no changes to the spec and this is more of a runtime concern right?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Fri, Jun 10, 2016 at 11:45:55AM -0700, Michael Crosby wrote:

-The Spec does not support [split hierarchy][cgroup-v2].
+The Spec does not support the [unified or "default" hierarchy][cgroup-v2].

is it important to have this? Even if it was supported there would
be no changes to the spec and this is more of a runtime concern
right?

It was added to motivate a single cgroup-path property
vs. per-controller paths 1. I think it's useful to keep the
(informative) motivation documented here (although I think we can
clarify the wording).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But the thing is that we do support split hierarchies (that's the default on any modern GNU/Linux system). The reason I made this change was because the link text was wrong (cgroupv2 is the exact opposite of a split hierarchy).

I understand the point (cgroupsPath is a single value), but there's something wrong about this sentence when I read it.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Fri, Jun 10, 2016 at 09:06:48PM -0700, Aleksa Sarai wrote:

I understand the point (cgroupsPath is a single value), but there's
something wrong about this sentence when I read it.

The wording could be improved. My suggestion is 1:

This specification does not support per-controller paths for the
reasons discussed in the [v2 cgroup docs][cgroup-v2].

@Mashimiao
Copy link

@cyphar any updates?

@cyphar cyphar force-pushed the linux-refresh-cgroup branch from e1d173f to cb96d84 Compare July 7, 2016 07:43
@cyphar
Copy link
Member Author

cyphar commented Jul 7, 2016

@Mashimiao Thanks for pinging me, I completely forgot about this PR. 😉

@wking There, I've fixed up all of the things you mentioned. PTAL.

For example, to run a new process in an existing container without updating limits, `resources` need not be specified.

A runtime MUST at least use the minimum set of cgroup controllers required to fulfil the `resources` settings.
However, a runtime CAN decide to not attach to any additional cgroup controllers supported by the system.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still think we want “fulfil” → “fulfill” (although it looks like that's UK vs. US spelling, so not a big deal) and “supported by the system“ → “”.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ahem UK spelling is clearly superior. 😉

@cyphar cyphar force-pushed the linux-refresh-cgroup branch from cb96d84 to 219ceaf Compare July 21, 2016 15:27
@cyphar
Copy link
Member Author

cyphar commented Jul 21, 2016

@wking There, I've fixed up all of your concerns I think.

Some of the wording was a bit clumsy (and incorrect, by conflating
different concepts in control groups as "cgroups").

Signed-off-by: Aleksa Sarai <asarai@suse.de>
`cgroupsPath` can be used to either control the cgroup hierarchy for containers or to run a new process in an existing container.
If `cgroupsPath` is:
* ... an absolute path (starting with `/`), the runtime MUST take the path to be relative to the cgroup mount point.
* ... a relative path (not starting with `/`), the runtime MUST create a new leaf in the cgroup hierarchy and MAY interpret the path relative to a runtime-determined location in the cgroup hierarchy.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

“MUST create a new leaf” conflicts with the later “…MUST consistently attach to the same place …” (see also here). Now that we have the consistently-attach wording, I'm ok with weaker wording like this, and don't really care about MAY vs. SHOULD.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about something like:

* ... a relative path (not starting with `/`), the runtime MUST create a new leaf in the cgroup unless the same lexical path is used by another existing container [and MAY interpret the path relative to a runtime-determined location in the cgroup hierarchy].

Where "existing" means that it has been at least created. I'm not sure what wording to use there. I can drop the "must create a new leaf" -- but you're the one who suggested it and I do agree with the sentiment somewhat. But maybe we should drop it -- I think consistency is far more important than whether it's a new leaf.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Fri, Jul 22, 2016 at 02:15:25AM -0700, Aleksa Sarai wrote:

I can drop the "must create a new leaf" -- but you're the one who
suggested it and I do agree with the sentiment somewhat. But maybe
we should drop it -- I think consistency is far more important than
whether it's a new leaf.

I think we should drop the new-leaf wording. I'd suggested it before
we had the consistency wording.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure. Fixed.

@cyphar cyphar force-pushed the linux-refresh-cgroup branch from 219ceaf to 19c2a92 Compare July 22, 2016 14:45
* ... an absolute path (starting with `/`), the runtime MUST take the path to be relative to the cgroup mount point.
* ... a relative path (not starting with `/`), the runtime MAY interpret the path relative to a runtime-determined location in the cgroup hierarchy.
* ... not specified, the runtime CAN define the default cgroup path.
Runtimes CAN consider certain `cgroupsPath` values to be invalid, and MUST generate an error if this is the case.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

“CAN” → “MAY”. RFC 2119 does not define CAN. And you probably want to drop the comma.

@cyphar cyphar force-pushed the linux-refresh-cgroup branch from 19c2a92 to 4ed839e Compare July 22, 2016 16:41
cyphar added 3 commits July 23, 2016 02:46
Clarify some of the confusion with cgroupsPath. Due to systemd, we
cannot require that relative paths be treated in any specific way. In
addition, add a line stating that not all values of cgroupsPath are
required to be valid (and that runtimes must error out if they have an
invalid cgroup path). However, any given value of cgroupsPath should
provide consistent results.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
Make explicit that runtimes only have to attach to the bare minimum
number of cgroups in order to fulfil the users' requirements. However,
runtimes are of course allowed to attach to more than the bare minimum.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
The example section looks very sparse otherwise.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
@cyphar
Copy link
Member Author

cyphar commented Jul 22, 2016

@wking Addressed the rest of your comments.

@wking
Copy link
Contributor

wking commented Jul 22, 2016

19c2a924ed839e looks good to me.

There's still a comma 1 and “supported by the system” 2 that I
think we don't need, but neither of those have semantic impact.

@cyphar
Copy link
Member Author

cyphar commented Jul 22, 2016

/cc @opencontainers/runtime-spec-maintainers

@crosbymichael
Copy link
Member

crosbymichael commented Jul 22, 2016

LGTM

Approved with PullApprove

1 similar comment
@hqhq
Copy link
Contributor

hqhq commented Jul 25, 2016

LGTM

Approved with PullApprove

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants