Serge Hallyn [2015-04-17 17:49 -0000]: > Cpusets are not *required* for lxc. Perhaps we should in fact default > to only providing name=systemd, devices and freezer cgroups for users? > We'd want to very widely advertise how to enable other cgroups.
Right, I mostly understood it so that we need to create all those controllers in the host that the container workload can *potentially* use all these cgroups as well, not that they are inherently required. > Currently lxc would fail this way, but we could teach it to ignore > inability to create cgroups which aren't required. (This isn't as > simple as it seems, since using the keyword "all" for controllers > would no longer work, but it's doable) "all" could still try to join all controllers, but ignore the ones it doesn't have permissions for? Maybe also (1) a new weak version of "all" which implements that behaviour, or (2) a new strong version which will fail if it cannot join any controller. TBH I don't know which way around would break backwards compat less: (1) requires changing all existing container configs on upgrade once we stop putting the user session into all controllers, and (2) might break existing container workloads which actually expect the dropped controllers. My gut feeling is that (2) is the better option. Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1392176 Title: mounts cgroups unconditionally which causes undesired effects with cpu hotplug To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cgmanager/+bug/1392176/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs