On 2/9/21 2:26 PM, Pavel Hrdina wrote:
When running on host with systemd there is an ownership issue of
the root VM cgroup. When it is created for us by systemd using machined
the owner of the root VM cgroup is systemd and we should not touch any
of the files as systemd can and will modify any values configured there.
Basically we had the issue since introduction of machined support
in libvirt 1.1.1 back in 2013. With systemd implementing more cgroup
APIs the `systemctl daemon-reload` would change more values configured
by libvirt.
The solution to the issue is to use systemd DBus APIs to configure
cgroups but unfortunately they don't cover everything that libvirt
needs.
For that reason we will use systemd DBus APIs only for values that
affect sibling cgroups where the resources are distributed
proportionally, such as blkio.weight or cpu.shares. For the remaining
resources we will keep the current code where we work with the files
directly but we move everything into a child cgroup of the VM root
cgroup where we are free to do whatever we like including thread
configuration.
Yeah, if only there was a way to tell machined to not touch CGroups
we've created until they offer full set of features.
Pavel Hrdina (9):
virsystemd: export virSystemdHasMachined
virsystemd: introduce virSystemdGetMachineByPID
virsystemd: introduce virSystemdGetMachineUnitByPID
vircgroup: use DBus call to systemd for some APIs
vircgroupv1: refactor virCgroupV1DetectPlacement
vircgroupv2: move task into cgroup before enabling controllers
vircgroup: introduce virCgroupV1Exists and virCgroupV2Exists
vircgroup: introduce nested cgroup to properly work with systemd
tests: add cgroup nested tests
docs/cgroups.html.in | 29 +-
src/libvirt_private.syms | 2 +
src/util/vircgroup.c | 300 ++++++++++++++----
src/util/vircgroupbackend.h | 5 +
src/util/vircgrouppriv.h | 10 +
src/util/vircgroupv1.c | 122 +++++--
src/util/vircgroupv2.c | 82 ++++-
src/util/virsystemd.c | 105 +++++-
src/util/virsystemd.h | 4 +
tests/vircgroupdata/systemd-legacy.cgroups | 12 +
tests/vircgroupdata/systemd-legacy.mounts | 11 +
.../vircgroupdata/systemd-legacy.self.cgroup | 11 +
tests/vircgroupdata/systemd-unified.cgroups | 13 +
tests/vircgroupdata/systemd-unified.mounts | 1 +
.../vircgroupdata/systemd-unified.self.cgroup | 1 +
tests/vircgrouptest.c | 72 +++++
tests/virsystemdtest.c | 39 ++-
17 files changed, 687 insertions(+), 132 deletions(-)
create mode 100644 tests/vircgroupdata/systemd-legacy.cgroups
create mode 100644 tests/vircgroupdata/systemd-legacy.mounts
create mode 100644 tests/vircgroupdata/systemd-legacy.self.cgroup
create mode 100644 tests/vircgroupdata/systemd-unified.cgroups
create mode 100644 tests/vircgroupdata/systemd-unified.mounts
create mode 100644 tests/vircgroupdata/systemd-unified.self.cgroup
Reviewed-by: Michal Privoznik <mpriv...@redhat.com>
Michal
