Hello, David.
On Mon, Jan 04, 2016 at 08:32:16AM -0800, David Ahern wrote:
> Add cgroup to assoicate tasks with L3 networking domains. AF_INET{6}
> sockets opened by tasks associated with an l3mdev cgroup are bound to
> the associated master device when the socket is created. This allows a
> user to run a command (and its children) within an L3 networking context.
>
> The master-device for an l3mdev cgroup must be an L3 master device
> (e.g., VRF), and it must be set before attaching tasks to the cgroup. Once
> set the master-device can not change. Nested l3mdev cgroups are not
> supported. The root (aka default) l3mdev cgroup can not be bound to a
> master device.
>
> Example:
> ip link add vrf-red type vrf table vrf-red
> ip link set dev vrf-red up
> ip link set dev eth1 master vrf-red
>
> cgcreate -g l3mdev:vrf-red
> cgset -r l3mdev.master-device=vrf-red vrf-red
> cgexec -g l3mdev:vrf-red bash
Please don't create any new controller whose sole purpose is
identifying group membership. Please take a look at how libxt_cgroup
handles identification w/o creating a new controller.
http://lkml.kernel.org/g/[email protected]
Thanks.
--
tejun
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
