date:20170821

Re: [Devel] [libvzctl PATCH] fast stop: suppress SUNRPC per task

2017-08-21 Thread Stanislav Kinsburskiy



21.08.2017 18:17, Igor Sukhih пишет:
> On 08/21/2017 04:18 PM, Stanislav Kinsburskiy wrote:
>> It solves two issues.
>> First, it allows to kill tasks in nested namespaces (rare, but possible 
>> case).
>> Second, is allows to kill CT with exited child reaper (when it's almost dead,
>> but waiting for it's children), because in this case SUNRPC can't be 
>> supressed
>> via child reapers proc dentries (/proc/pid/net is not available anymore).
>>
>> https://jira.sw.ru/browse/PSBM-70437
>>
>> Note: this patch reverts (replaces) commit
>> f8e953f5d683aa6f04dcc2b563b98d6e9ee3
>>
> Why it can't be done in scope of env cleanup logic in the kernel?

Because we have suspend and can't distinguish between halt and suspend.

> How it going to work if Ct stop initiated not by vzctl but by OOM, halt, kill?

It's the same.
The intention of this SUNRPC handle is to be able to stop container with any 
NFS issue.
For instance with unreachable network, or when power off was called in CT (in 
this case network is disabled before processes exit).


> 
> -- 
>   Igor.
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

Re: [Devel] [libvzctl PATCH] fast stop: suppress SUNRPC per task

2017-08-21 Thread Igor Sukhih


On 08/21/2017 04:18 PM, Stanislav Kinsburskiy wrote:

It solves two issues.
First, it allows to kill tasks in nested namespaces (rare, but possible case).
Second, is allows to kill CT with exited child reaper (when it's almost dead,
but waiting for it's children), because in this case SUNRPC can't be supressed
via child reapers proc dentries (/proc/pid/net is not available anymore).

https://jira.sw.ru/browse/PSBM-70437

Note: this patch reverts (replaces) commit
f8e953f5d683aa6f04dcc2b563b98d6e9ee3


Why it can't be done in scope of env cleanup logic in the kernel?
How it going to work if Ct stop initiated not by vzctl but by OOM, halt, 
kill?


--
  Igor.
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

[Devel] [libvzctl PATCH] cgrop: get process CT ID from its status

2017-08-21 Thread Stanislav Kinsburskiy

Taking CT ID from /proc//cgroup is not reliable.
For instance when "shutdown" in called inside CT, CTs init has the following
cgroup content:

root@skinsbursky-vz7:~/stub_proxy_fs# cat /proc/397761/cgroup
16:perf_event:/
15:cpuset:/
14:hugetlb:/
13:pids:/
10:ve:/
8:devices:/
7:freezer:/
6:net_prio,net_cls:/
5:cpuacct,cpu:/
4:name=systemd:/
3:beancounter:/
2:memory:/
1:blkio:/

This is because process exits cgroups before killing all it's descendants.
This leads to failing "cg_env_check_init_pid" (processes "CT ID" doesn't match
cached CT ID), leading in turn to skipping SUNRPC suppress, thus breaking CT
killing with unreachable NFS.

This patch changes the logic to take envID from /proc/pid/status, which
contains real VE ID, but not cgroup.

https://jira.sw.ru/browse/PSBM-70402

Signed-off-by: Stanislav Kinsburskiy 
---
 lib/cgroup.c |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/cgroup.c b/lib/cgroup.c
index 843e197..cb521b6 100644
--- a/lib/cgroup.c
+++ b/lib/cgroup.c
@@ -798,11 +798,11 @@ int cg_env_set_net_classid(const char *ctid, unsigned int 
classid)
 
 static int cg_env_check_init_pid(const char *ctid, pid_t pid)
 {
-   int ret, n;
+   int ret;
FILE *fp;
char buf[4096];
 
-   snprintf(buf, sizeof(buf), "/proc/%d/cgroup", pid);
+   snprintf(buf, sizeof(buf), "/proc/%d/status", pid);
fp = fopen(buf, "r");
if (fp == NULL) {
if (errno == ENOENT)
@@ -813,7 +813,7 @@ static int cg_env_check_init_pid(const char *ctid, pid_t 
pid)
 
ret = 1;
while (fgets(buf, sizeof(buf), fp)) {
-   if (sscanf(buf, "%d:ve:/%s", , buf) != 2)
+   if (sscanf(buf, "envID:  %s", buf) != 1)
continue;
 
if (!strcmp(ctid, buf))

___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

Re: [Devel] [PATCH v2 00/27] proc connector: containerize on per-VE basis

2017-08-21 Thread Stanislav Kinsburskiy

Andrey, please.

17.08.2017 16:59, Stanislav Kinsburskiy пишет:
> This feature is requested by customer and needed by cgred service.
> 
> https://jira.sw.ru/browse/PSBM-60227
> 
> What's ne in v2:
> 1) Containerization is done on per-VE basis
> 2) Event in container is also sent to VE#0
> 
> 
> ---
> 
> Stanislav Kinsburskiy (27):
>   connector: remove redundant input callback from cn_dev
>   connector: store all private data on VE structure
>   connector: introduce VE-aware get_cdev() helper
>   connector: per-ve init and fini helpers introduced
>   connector: use device stored in VE
>   connector: per-ve helpers intoruduced
>   connector: take cn_already_initialized from VE
>   proc connector: generic proc_event_connector() helper introduced
>   proc connector: use generic event helper for fork event
>   proc connector: use generic event helper for exec event
>   proc connector: use generic event helper for id event
>   proc connector: use generic event helper for sid event
>   proc connector: use generic event helper for ptrace event
>   proc connector: use generic event helper for comm event
>   proc connector: use generic event helper for coredump event
>   proc connector: use generic event helper for exit event
>   proc connector: add pid namespace awareness
>   proc connector: add per-ve init and fini foutines
>   proc connector: call proc-related init and fini routines explicitly
>   proc connector: take number of listeners and per-cpu conters from VE
>   proc connector: pass VE to event fillers
>   proc connector: take namespaces from VE
>   proc connector: use per-ve netlink sender helper
>   proc connector: send events to both VEs if not in VE#0
>   connector: containerize "connector" proc entry
>   connector: take VE from socket upon callback
>   connector: add VE SS hook
> 
> 
>  drivers/connector/cn_proc.c   |  386 
> -
>  drivers/connector/connector.c |  155 
>  include/linux/connector.h |   20 ++
>  include/linux/ve.h|4 
>  4 files changed, 323 insertions(+), 242 deletions(-)
> 
> --
> ___
> Devel mailing list
> Devel@openvz.org
> https://lists.openvz.org/mailman/listinfo/devel
> 
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

Re: [Devel] [libvzctl PATCH] fast stop: suppress SUNRPC per task

Re: [Devel] [libvzctl PATCH] fast stop: suppress SUNRPC per task

[Devel] [libvzctl PATCH] cgrop: get process CT ID from its status

Re: [Devel] [PATCH v2 00/27] proc connector: containerize on per-VE basis

4 matches

Site Navigation

Mail list logo

Footer information