[Devel] Re: [PATCH] cgroup : remove the ns_cgroup
On Thu, Jan 27, 2011 at 09:50:38AM +0100, Daniel Lezcano wrote: > On 01/27/2011 02:45 AM, Andrew Morton wrote: > >On Thu, 27 Jan 2011 09:08:51 +0800 Li Zefan wrote: > > > >>Andrew Morton wrote: > >>>On Tue, 25 Jan 2011 10:39:48 +0100 > >>>Daniel Lezcano wrote: > >>> > This patch removes the ns_cgroup as suggested in the following thread: > >>>I had this patch queued up in September last year, but dropped it. Why > >>>did I do that? > >>Because you wanted to wait for some time for users (if any) to notice this > >>coming change. > >> > >>Author: Daniel Lezcano > >>Date: Wed Oct 27 15:33:38 2010 -0700 > >> > >> cgroup: notify ns_cgroup deprecated > >> > >> The ns_cgroup will be removed very soon. Let's warn, for this version, > >> ns_cgroup is deprecated. > >> > >> Make ns_cgroup and clone_children exclusive. If the clone_children is > >> set > >> and the ns_cgroup is mounted, let's fail with EINVAL when the ns_cgroup > >> subsys is created (a printk will help the user to understand why the > >> creation fails). > >> > >> Update the feature remove schedule file with the deprecated ns_cgroup. > >> > >> Signed-off-by: Daniel Lezcano > >> Acked-by: Paul Menage > >> Signed-off-by: Andrew Morton > >> Signed-off-by: Linus Torvalds > >ooh, that was clever of me. > > > >Here is the text which was missing from the changelog: > > > > This is a userspace-visible change. Commit 45531757b45c ("cgroup: > > notify ns_cgroup deprecated") (merged into 2.6.27) caused the kernel > > to emit a printk warning users that the feature is planned for > > removal. Since that time we have heard from XXX users who were > > affected by this. > > > >Please provide XXX. > > Ok, AFAIK nobody makes use of the ns_cgroup except the LXC userspace > tools which I maintain and where > the backward compatibility with the ns_cgroup and the clone_children > flag is already implemented. > Since today nobody seems to be affected by this. > > I Cc'ed the libvirt mailing list. Removing 'ns_cgroup' won't impact libvirt's container support in any negative way, so fine by me. Regards, Daniel ___ Containers mailing list contain...@lists.linux-foundation.org https://lists.linux-foundation.org/mailman/listinfo/containers ___ Devel mailing list Devel@openvz.org https://openvz.org/mailman/listinfo/devel
[Devel] Re: [PATCH] cgroup : remove the ns_cgroup
On 01/27/2011 02:45 AM, Andrew Morton wrote: > On Thu, 27 Jan 2011 09:08:51 +0800 Li Zefan wrote: > >> Andrew Morton wrote: >>> On Tue, 25 Jan 2011 10:39:48 +0100 >>> Daniel Lezcano wrote: >>> This patch removes the ns_cgroup as suggested in the following thread: >>> I had this patch queued up in September last year, but dropped it. Why >>> did I do that? >> Because you wanted to wait for some time for users (if any) to notice this >> coming change. >> >> Author: Daniel Lezcano >> Date: Wed Oct 27 15:33:38 2010 -0700 >> >> cgroup: notify ns_cgroup deprecated >> >> The ns_cgroup will be removed very soon. Let's warn, for this version, >> ns_cgroup is deprecated. >> >> Make ns_cgroup and clone_children exclusive. If the clone_children is >> set >> and the ns_cgroup is mounted, let's fail with EINVAL when the ns_cgroup >> subsys is created (a printk will help the user to understand why the >> creation fails). >> >> Update the feature remove schedule file with the deprecated ns_cgroup. >> >> Signed-off-by: Daniel Lezcano >> Acked-by: Paul Menage >> Signed-off-by: Andrew Morton >> Signed-off-by: Linus Torvalds > ooh, that was clever of me. > > Here is the text which was missing from the changelog: > >This is a userspace-visible change. Commit 45531757b45c ("cgroup: >notify ns_cgroup deprecated") (merged into 2.6.27) caused the kernel >to emit a printk warning users that the feature is planned for >removal. Since that time we have heard from XXX users who were >affected by this. > > Please provide XXX. Ok, AFAIK nobody makes use of the ns_cgroup except the LXC userspace tools which I maintain and where the backward compatibility with the ns_cgroup and the clone_children flag is already implemented. Since today nobody seems to be affected by this. I Cc'ed the libvirt mailing list. > How do we know that 2.6.37->2.6.38 is long enough? Will any major > distros be released containing this warning in that timeframe? I doubt > it. Hmm, maybe it is too short but I don't think someone will complain about this feature removal. Google chromium is using the namespaces, hence a lot of cgroup is created on the system. The vsftpd and some pam modules uses the namespaces too. I won't be surprised if one of these applications fails with 'clone' returning EEXIST ... ___ Containers mailing list contain...@lists.linux-foundation.org https://lists.linux-foundation.org/mailman/listinfo/containers ___ Devel mailing list Devel@openvz.org https://openvz.org/mailman/listinfo/devel
[Devel] Re: [PATCH] cgroup : remove the ns_cgroup
On Thu, 27 Jan 2011 09:08:51 +0800 Li Zefan wrote: > Andrew Morton wrote: > > On Tue, 25 Jan 2011 10:39:48 +0100 > > Daniel Lezcano wrote: > > > >> This patch removes the ns_cgroup as suggested in the following thread: > > > > I had this patch queued up in September last year, but dropped it. Why > > did I do that? > > Because you wanted to wait for some time for users (if any) to notice this > coming change. > > Author: Daniel Lezcano > Date: Wed Oct 27 15:33:38 2010 -0700 > > cgroup: notify ns_cgroup deprecated > > The ns_cgroup will be removed very soon. Let's warn, for this version, > ns_cgroup is deprecated. > > Make ns_cgroup and clone_children exclusive. If the clone_children is set > and the ns_cgroup is mounted, let's fail with EINVAL when the ns_cgroup > subsys is created (a printk will help the user to understand why the > creation fails). > > Update the feature remove schedule file with the deprecated ns_cgroup. > > Signed-off-by: Daniel Lezcano > Acked-by: Paul Menage > Signed-off-by: Andrew Morton > Signed-off-by: Linus Torvalds ooh, that was clever of me. Here is the text which was missing from the changelog: This is a userspace-visible change. Commit 45531757b45c ("cgroup: notify ns_cgroup deprecated") (merged into 2.6.27) caused the kernel to emit a printk warning users that the feature is planned for removal. Since that time we have heard from XXX users who were affected by this. Please provide XXX. How do we know that 2.6.37->2.6.38 is long enough? Will any major distros be released containing this warning in that timeframe? I doubt it. ___ Containers mailing list contain...@lists.linux-foundation.org https://lists.linux-foundation.org/mailman/listinfo/containers ___ Devel mailing list Devel@openvz.org https://openvz.org/mailman/listinfo/devel
[Devel] Re: [PATCH] cgroup : remove the ns_cgroup
Andrew Morton wrote: > On Tue, 25 Jan 2011 10:39:48 +0100 > Daniel Lezcano wrote: > >> This patch removes the ns_cgroup as suggested in the following thread: > > I had this patch queued up in September last year, but dropped it. Why > did I do that? Because you wanted to wait for some time for users (if any) to notice this coming change. Author: Daniel Lezcano Date: Wed Oct 27 15:33:38 2010 -0700 cgroup: notify ns_cgroup deprecated The ns_cgroup will be removed very soon. Let's warn, for this version, ns_cgroup is deprecated. Make ns_cgroup and clone_children exclusive. If the clone_children is set and the ns_cgroup is mounted, let's fail with EINVAL when the ns_cgroup subsys is created (a printk will help the user to understand why the creation fails). Update the feature remove schedule file with the deprecated ns_cgroup. Signed-off-by: Daniel Lezcano Acked-by: Paul Menage Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds ___ Containers mailing list contain...@lists.linux-foundation.org https://lists.linux-foundation.org/mailman/listinfo/containers ___ Devel mailing list Devel@openvz.org https://openvz.org/mailman/listinfo/devel
[Devel] Re: [PATCH] cgroup : remove the ns_cgroup
On Tue, 25 Jan 2011 10:39:48 +0100 Daniel Lezcano wrote: > This patch removes the ns_cgroup as suggested in the following thread: I had this patch queued up in September last year, but dropped it. Why did I do that? ___ Containers mailing list contain...@lists.linux-foundation.org https://lists.linux-foundation.org/mailman/listinfo/containers ___ Devel mailing list Devel@openvz.org https://openvz.org/mailman/listinfo/devel
[Devel] Re: [PATCH] cgroup : remove the ns_cgroup
On Tue, 25 Jan 2011 10:39:48 +0100 Daniel Lezcano wrote: > The ns_cgroup is an annoying cgroup at the namespace / cgroup frontier > and leads to some problems: > > * cgroup creation is out-of-control > * cgroup name can conflict when pids are looping > * it is not possible to have a single process handling > a lot of namespaces without falling in a exponential creation time > * we may want to create a namespace without creating a cgroup > > The ns_cgroup was replaced by a compatibility flag 'clone_children', > where a newly created cgroup will copy the parent cgroup values. > The userspace has to manually create a cgroup and add a task to > the 'tasks' file. > > This patch removes the ns_cgroup as suggested in the following thread: > > https://lists.linux-foundation.org/pipermail/containers/2009-June/018616.html > > The 'cgroup_clone' function is removed because it is no longer used. > > Signed-off-by: Daniel Lezcano > Signed-off-by: Serge E. Hallyn > Cc: Eric W. Biederman > Cc: Jamal Hadi Salim > Reviewed-by: Li Zefan > Acked-by: Paul Menage > Acked-by: Matt Helsley > > ... > > 22 files changed, 4 insertions(+), 287 deletions(-) I didn't see that one coming. This change is userspace-visible, is it not? What are the implications of this? There's some discussion in that nearly-two-year-old thread regarding making provision for back-compatibility but I'm not seeing such things in this patch? ___ Containers mailing list contain...@lists.linux-foundation.org https://lists.linux-foundation.org/mailman/listinfo/containers ___ Devel mailing list Devel@openvz.org https://openvz.org/mailman/listinfo/devel