Package: lxc
Version: 1:1.0.6-3
Severity: important
Tags: patch
cgroups is very critical to LXC. And even so it has delegated the task
to others (systemd and libvirt).
There are many users who don't use either. Please handle cgroup mounts
in lxc's init script.
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages lxc depends on:
ii init-system-helpers 1.21
ii libapparmor1 2.9.0-1
ii libc6 2.19-12
ii libcap2 1:2.24-6
ii libseccomp2 2.1.1-1
ii libselinux1 2.3-2
ii multiarch-support 2.19-12
ii python3 3.4.2-1
Versions of packages lxc recommends:
ii debootstrap 1.0.64
ii openssl 1.0.1j-1
ii rsync 3.1.1-2+b1
Versions of packages lxc suggests:
pn lua5.2 <none>
-- Configuration Files:
/etc/init.d/lxc changed:
sysconfdir="/etc"
bindir="/usr/bin"
localstatedir="/var"
mount_cgroups="yes"
cgroups="cpuset cpu cpuacct devices freezer net_cls blkio perf_event"
! grep -qs cgroup_enable=memory /proc/cmdline || cgroups="$cgroups memory"
BOOTGROUPS="onboot,"
SHUTDOWNDELAY=5
OPTIONS=
STOPOPTS="-a -s"
test ! -r /lib/lsb/init-functions ||
. /lib/lsb/init-functions
test ! -r "$sysconfdir"/sysconfig/lxc ||
. "$sysconfdir"/sysconfig/lxc
[ -x "$bindir"/lxc-autostart ] || exit 1
systemd_running()
{
if [ -d /run/systemd/system ] ; then
return 0
fi
return 1
}
mount_cgroups()
{
if ! systemd_running
then
mount -t tmpfs cgroup_root /sys/fs/cgroup || return 1
for M in $cgroups; do
mkdir /sys/fs/cgroup/$M || return 1
mount -t cgroup -o rw,nosuid,nodev,noexec,relatime,$M "cgroup_${M}"
"/sys/fs/cgroup/${M}" || return 1
done
else
log_warning_msg "Systemd running, skipping cgroup mount."
fi
}
umount_cgroups()
{
if ! systemd_running
then
for M in $cgroups; do
umount "cgroup_${M}"
rmdir /sys/fs/cgroup/$M
done
umount cgroup_root
else
log_warning_msg "Systemd running, skipping cgroup mount."
fi
}
check_mount_cgroup_options() {
if ! [ "$mount_cgroups" = "yes" ]; then
return 1
else
return 0
fi
}
wait_for_bridge()
{
[ -f "$sysconfdir"/lxc/default.conf ] || { return 0; }
which ifconfig >/dev/null 2>&1
if [ $? = 0 ]; then
cmd="ifconfig -a"
else
which ip >/dev/null 2>&1
if [ $? = 0 ]; then
cmd="ip link list"
fi
fi
[ -n cmd ] || { return 0; }
BRNAME=`grep '^[ ]*lxc.network.link' "$sysconfdir"/lxc/default.conf |
sed 's/^.*=[ ]*//'`
if [ -z "$BRNAME" ]; then
return 0
fi
for try in `seq 1 30`; do
eval $cmd |grep "^$BRNAME" >/dev/null 2>&1
if [ $? = 0 ]; then
return
fi
sleep 1
done
}
mkdir -p /var/lock/subsys
case "$1" in
start)
if check_mount_cgroup_options; then
if ! mount_cgroups; then
log_warning_msg "Cannot mount cgroups layout"
exit 1;
fi
fi
[ ! -f "$localstatedir"/lock/subsys/lxc ] || { exit 0; }
if [ -n "$BOOTGROUPS" ]
then
BOOTGROUPS="-g $BOOTGROUPS"
fi
# Start containers
wait_for_bridge
# Start autoboot containers first then the NULL group "onboot,".
log_daemon_msg "Starting LXC autoboot containers: "
"$bindir"/lxc-autostart $OPTIONS $BOOTGROUPS
touch "$localstatedir"/lock/subsys/lxc
;;
stop)
if [ -n "$SHUTDOWNDELAY" ]
then
SHUTDOWNDELAY="-t $SHUTDOWNDELAY"
fi
if check_mount_cgroup_options; then
umount_cgroups;
fi
# The stop is serialized and can take excessive time. We need to avoid
# delaying the system shutdown / reboot as much as we can since it's not
# parallelized... Even 5 second timout may be too long.
log_daemon_msg "Stopping LXC containers: "
"$bindir"/lxc-autostart $STOPOPTS $SHUTDOWNDELAY
rm -f "$localstatedir"/lock/subsys/lxc
;;
restart|reload|force-reload)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|reload|force-reload}"
exit 2
esac
exit $?
/etc/lxc/default.conf changed:
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = lxcbr0
lxc.cgroup.cpuset.cpus = 0,1
lxc.cgroup.cpu.shares = 1234
lxc.cgroup.memory.limit_in_bytes = 2147483648
lxc.cgroup.memory.soft_limit_in_bytes = 1073741824
-- no debconf information
25a26,30
> mount_cgroups="yes"
>
> # For cgroups
> cgroups="cpuset cpu cpuacct devices freezer net_cls blkio perf_event"
> ! grep -qs cgroup_enable=memory /proc/cmdline || cgroups="$cgroups memory"
61a67,119
>
>
>
>
> systemd_running()
> {
> if [ -d /run/systemd/system ] ; then
> return 0
> fi
> return 1
> }
>
> mount_cgroups()
> {
> if ! systemd_running
> then
> mount -t tmpfs cgroup_root /sys/fs/cgroup || return 1
> for M in $cgroups; do
> mkdir /sys/fs/cgroup/$M || return 1
> mount -t cgroup -o rw,nosuid,nodev,noexec,relatime,$M
> "cgroup_${M}" "/sys/fs/cgroup/${M}" || return 1
> done
> else
> log_warning_msg "Systemd running, skipping cgroup mount."
> fi
>
> }
>
> umount_cgroups()
> {
> if ! systemd_running
> then
> for M in $cgroups; do
> umount "cgroup_${M}"
> rmdir /sys/fs/cgroup/$M
> done
> umount cgroup_root
> else
> log_warning_msg "Systemd running, skipping cgroup mount."
> fi
> }
>
> check_mount_cgroup_options() {
> if ! [ "$mount_cgroups" = "yes" ]; then
> return 1
> else
> return 0
> fi
> }
>
>
>
>
>
99a158,165
>
> if check_mount_cgroup_options; then
> if ! mount_cgroups; then
> log_warning_msg "Cannot mount cgroups layout"
> exit 1;
> fi
> fi
>
117a184,187
> fi
>
> if check_mount_cgroup_options; then
> umount_cgroups;
