Hi! Take a look please, once time permit. This series doesn't
cover all patches because we can't use css_local_root() helper
until PSBM-134002 get merged (in those patches this helper is
introduced). Thus the commit
c1b584c0d3be ve/cgroup: Get correct VE init css when ve init_task is moved to
chi
From: Pavel Tikhomirov
When users read /proc/vmstat inside container they expect to see
agregated stats of all container cgroups.
Note: We've had /proc/meminfo, /proc/vmstat, /proc/swaps and sysinfo(),
virtualized in containers in VZ7, we need the same in VZ8. In VZ7 this
was done via virtinfo s
From: Pavel Tikhomirov
Set default size to half of physpages from ve memory cgroup. User in ct
would get -ENOSPC on 1/2 memory limit reached like we do on host.
https://jira.sw.ru/browse/PCLIN-26841
https://jira.sw.ru/browse/PSBM-127785
(extracted from vz7 commit dce154c32257 ("ub/memcg: introd
From: Pavel Tikhomirov
The task having task->mm->vps_dumpable == VD_VE_ENTER_TASK is a task
which entered container's ve cgroup and not yet called exec until:
sys_execve
do_execve
do_execve_common [1]
exec_binprm
search_binary_handler
load_elf_binary
flush_old_exec
From: Pavel Tikhomirov
SOCK_SNDBUF_LOCK and SOCK_RCVBUF_LOCK flags disable automatic socket
buffers adjustment done by kernel (see tcp_fixup_rcvbuf() and
tcp_sndbuf_expand()). If we've just created a new socket this adjustment
is enabled on it, but if one changes the socket buffer size by
setsock
From: Konstantin Khorenko
Don't complain about searching for a non ns specific sysfs entry in ns specific
parent dirent.
When we set sysfs permissions for a CT via ve.sysfs_permissions
we assume the target sysfs entry is non ns specific and call
sysfs_find_dirent() with NULL ns arg.
This makes
From: Vasily Averin
openvswitch briges are used by Weave net plugin for Kubernetes.
https://jira.sw.ru/browse/PSBM-92107
Signed-off-by: Konstantin Khorenko
(cherry picked from vz7 commit 8ed1b4ae93bc ("openvswitch: allow to create ovs
bridges inside Containers"))
Signed-off-by: Vasily Averin
From: Andrey Zhadchenko
CRIU is preserving ifindexes of net devices after restoration, but
current Open vSwitch API are not capable to do that. So we need to
modify it, because
- Restoring net devices with random ifindex will lead to some excessive
work to restore master relationship.
- OVS d
From: Vasily Averin
Weave network pluging for Kubernetes configures bridge via netlink,
so need to allow appropriate netlink messages if sent inside a
Container.
https://jira.sw.ru/browse/PSBM-92107
Signed-off-by: Konstantin Khorenko
(cherry picked from vz7 commit e7c862d58164 ("ve/bridge: ha
From: Konstantin Khorenko
Don't flood logs with messages like
"sd 1:0:0:0: rejecting I/O to offline device".
On one hand this flooding is not useful for investigations,
on anothre hand it can make serial console to feed up.
https://jira.sw.ru/browse/PSBM-100118
Signed-off-by: Konstantin Khoren
From: Vasily Averin
The proc file is virtualized, so it contains stats for only those block
devices which are allowed by device cgroup related to the Container.
https://jira.sw.ru/browse/PSBM-90491
https://jira.sw.ru/browse/PSBM-92107
Signed-off-by: Konstantin Khorenko
(cherry picked from vz7
11 matches
Mail list logo
