On Thu, May 07, 2015 at 05:01:42PM +0300, Cyrill Gorcunov wrote: > Here we rip off all the virtualization code we introduced into kernel to > behave close to rhel6. > > Because we're trying a new concept (bindmounting from the node) it is > no longer needed. > > Now some details: > > - drop cgroup_show_path -- we don't hide VEID in /proc/self/cgroup output, > it doesn't break criu so no need to carry it, same applies to changes > in cgroup_path; > > - because we drop virtualization of systemd -- disable creation of new > hierarchies in container: we don't support it, neither we need it. The > primary reason why we allowed new hierarchies in container was that > CRIU has been running restore procedure inside VE but now we initiate > restore from VE0, so we can safely disable new hierarchies; > > - in cgroup_addrm_files go back to former RHEL7 code; if we need something > special here it must be reviewed carefully and separately; > > - no need to hide /proc/cgroups in VE, there is no sensible info present. > > v2: > - take into account commits 38f039db6e023ac14517219ad6f674633c4e99ca > and c2ac6df22b20389ae2d0af49c436b00ff3243e89 removing cgroup_is_disposable, > cgroup_kernel_destroy, ve::ve_cgroup_head. > > - drop GRPP_WEAK, CGRP_SELF_DESTRUCTION and CGRP_VE_TOP_CGROUP_VIRTUAL flags > which implies the cgroups no longer auto-cleaned up but user-space tool > (read vzctl and friends) should handle cgroups removal > > - because we're moving to native cgroups code we don't virtualize release > agent anymore > > - still cgroup::cgroup_ve member is needed because we're using it > all over the code > > v3: > - move back ve_offline, we need to free ve id > > v4: > - use native call_usermodehelper in release_agent execution, we don't > virtualized cgroups, but I kept error code and pr_warn so it would > be easier identify problems if ever > - drop cgroup::cgroup_ve member, no longer used > - drop unused cgroup_kernel_destory > > v5: > - disable mounting of cgroups inside VE > - disable modifying toplevel bindmount cgroup > files from inside of container, except ve cgroup, > where we need to write "START" to kick container to > run (probably we will need more control here for > "restore" via CRIU case, hasn't investigated it > yet) > - drop redundant @cgrp from ve_offline > > Signed-off-by: Cyrill Gorcunov <gorcu...@odin.com> > CC: Vladimir Davydov <vdavy...@odin.com> > CC: Konstantin Khorenko <khore...@odin.com> > CC: Pavel Emelyanov <xe...@odin.com> > CC: Andrey Vagin <ava...@odin.com>
Acked-by: Vladimir Davydov <vdavy...@parallels.com> _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
