* Taisuke Yamada <t...@rakugaki.org> wrote:
> Thanks for the reply.
>
> Regarding this fix, I have another suggestion so it can co-exist
> with LXC (LinuX Container)and other cgroups usage.
>
> If you're going to include /etc/default/cgconfig, please
> consider adding
>
> CREATE_DEFAULT=no
>
> to suppress default creation of "/sysdefault" subgroup. This is
> because assigning all processes to subgroup seems to cause many
> problems which I will describe below.
>
> One issue with subgrouping is that LXC (LinuX Container) fails
> to run when invoking shell is already bound to subgroup.
>
> LXC (wrongly) expects its pid-based subgroup to appear directly
> under cgroups mountpoint ("/"), so it will not run when invoking
> process is already cgclassify-ed under "/sysdefault" subgroup.
>
> # In another word, LXC fails to find pid-based subgroup (created
> # by ns subsystem) appearing under "/mnt/cgroups/sysdefault/<pid>".
>
> Also, assigning processes under "/sysdefault" has a side-effect of
> making "/etc/init.d/cgconfig stop" to fail when namespace ("ns")
> subsystem is in use.
>
> # grep cgroup /proc/mounts
> # /etc/init.d/cgconfig start
> Starting cgconfig service: .
> # cat /proc/$$/cgroup
> 2:devices,ns:/sysdefault
> # /etc/init.d/cgconfig stop
> Stopping cgconfig service: cgclear failed with Operation not permitted
>
> Although you can umount cgroups manually, internal allocation of
> subgroup (num_cgroups) is kept, and ends up with EBUSY error when
> re-enabling cgroups with different configuration.
>
> # umount /mnt/cgroups
> # cat /proc/cgroups
> #subsys_name hierarchy num_cgroups enabled
> cpuset 0 1 1
> debug 0 1 1
> ns 1 2 1
> ^^^<----- count is 2, due to "/" and "/sysdefault"
> cpu 0 1 1
> cpuacct 0 1 1
> memory 0 1 1
> devices 1 2 1
> ^^^<----- same as above
> freezer 0 1 1
> # mount -t cgroup -o all none /mnt/cgroups
> mount: none already mounted or /mnt/cgroups busy
> # mount -t cgroup -o ns,devices,cpu none /mnt/cgroups
> mount: none already mounted or /mnt/cgroups busy
> # mount -t cgroup -o ns,devices none /mnt/cgroups
> #
>
> Because I cannot get out of this "/sysdefault" jail, it is
> now impossible to reconfigure except by reboot. Other commands
> like cgclear, cgdelete, or rmdir has no effect (all denied to
> execute).
>
> To summarize, cgclassify-ing all processes to subgroup by default
> seem to have too much impact on LXC and other use-cases. Although
> this is not a cgroups bug, I suggest to have less-strict default
> configuration until each use-case/implementation matures.
I see your point and I agree. This is, however, a separate issue from
the init script typo. Would you mind filling a new bug for this request?
That will keep the two issues separate and will be less confusing for
others when tracking the origin of these changes.
> Excuse me for lengthly explanation, but I wanted to be informative
> to other people who might be trying LXC (and failing). It took me
> some time to figure these out...
I find it quite helpful, thank you for the verbosity.
J
>
> Best Regards,
> Taisuke Yamada
>
> > * Taisuke Yamada <t...@rakugaki.org> wrote:
> >> Package: cgroup-bin
> >> Version: 0.36.2-1
> >> Severity: minor
> >>
> >> In /etc/init.d/cgconfig and /etc/init.d/cgred, external configuration
> >> files are referenced in wrong filenames (RedHat-ism?).
> >>
> >> currently used filename should be changed to
> >> ---------------------------------------------------
> >> /etc/default/cgred.conf /etc/default/cgred
> >> /etc/sysconfig/cgconfig /etc/default/cgconfig
> >
> > Ah, good catch. You're absolutely right. I'll have a fix uploaded for
> > this shortly. Thanks!
> >
>
>
>
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
