On 03/28/2017 07:55 AM, Serge E. Hallyn wrote:
Is this using a user namespace or not?

I am not using a user namespace. This is intended to be a privileged container with everything running as root. Although I am planning on using a custom CentOS template I've created, I can reproduce the problem with the stock "centos" template provided by LXC. I created a container using the following steps:

lxc-create -n test1 -t centos
chroot /var/lib/lxc/test1/rootfs passwd
sed -i 's/lxcbr0/br0/' /var/lib/lxc/test1/config
sed -i 's/lxc.cap.drop = sys_nice/# lxc.cap.drop = sys_nice/' /usr/share/lxc/config/centos.common.conf
lxc-start -n test1
lxc-attach -n test1

At this point I can get my container's DHCP assigned IP address and copy my real-time test app to the container. The strace command shows the following:

# lxc-attach -n test1
[root@test1 ~]# strace ./rttest
execve("./rttest", ["./rttest"], [/* 25 vars */]) = 0
brk(0)                                  = 0x825000
...
sched_setscheduler(285, SCHED_FIFO, { 92 }) = -1 EPERM (Operation not permitted)
tgkill(284, 285, SIGRTMIN)              = 0
write(1, "Unable to start rt thread, rc=1\n", 32Unable to start rt thread, rc=1
) = 32
futex(0x7ff9f1a47908, FUTEX_WAIT_PRIVATE, 2, NULL) = 0
futex(0x7ff9f1a47908, FUTEX_WAKE_PRIVATE, 1) = 0
exit_group(0)                           = ?
+++ exited with 0 +++

As you can see, the sched_setscheduler() call fails with an EPERM error. This same app runs fine on the host.

Ultimately I expect this app to fail when run under my container since I have not given the container any real time bandwidth. I had hoped the option

lxc.cgroup.cpu.rt_runtime_us = 475000

would do the trick but this option is rejected with anything other than "0". So presumably this isn't the correct way to give a container real time bandwidth.

I have more experience with the libvirt-lxc framework and I have been able to enable real time support for containers under libvirt. The approach used in this case involves explicitly setting cgroup parameters, specifically

/sys/fs/cgroup/cpu/machine.slice/cpu.rt_runtime_us

under the host and

/sys/fs/cgroup/cpu/cpu.rt_runtime_us

under the container. For example, I might do something like this:

echo 500000 >/sys/fs/cgroup/cpu/machine.slice/cpu.rt_runtime_us   # on the host
echo 25000 >/sys/fs/cgroup/cpu/cpu.rt_runtime_us                  # on a container

These do not work for LXC-based containers though.

Peter

_______________________________________________
lxc-users mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-users
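
A diagnostic sketch for the EPERM described in this message, added here as an example and not part of the original post or of LXC. On kernels built with CONFIG_RT_GROUP_SCHED, a task whose cpu cgroup has `cpu.rt_runtime_us` set to 0 is refused a real-time policy, and a child cgroup's budget must fit within its parent's, so the script walks the hierarchy and reports the level nearest the root that is still 0. The `lxc/test1` cgroup path, the helper names and all sample values are assumptions constructed for the demo.

```shell
#!/bin/sh
# Added diagnostic sketch (not from the original post). Assumes cgroup v1 with
# the "cpu" controller and a kernel built with CONFIG_RT_GROUP_SCHED.

# task_cpu_cgroup FILE: cpu-controller path from a /proc/<pid>/cgroup file.
task_cpu_cgroup() {
    awk -F: '$2 ~ /(^|,)cpu(,|$)/ { print $3; exit }' "$1"
}

# rt_budget_walk ROOT PATH: print "<cgroup> <cpu.rt_runtime_us>" for every
# level from the given cgroup up to the hierarchy root (leaf first).
rt_budget_walk() {
    root=${1%/}; cg=${2#/}; cg=${cg%/}
    while :; do
        f="$root${cg:+/$cg}/cpu.rt_runtime_us"
        if [ -r "$f" ]; then v=$(cat "$f"); else v=missing; fi
        printf '/%s %s\n' "$cg" "$v"
        [ -z "$cg" ] && break
        case $cg in */*) cg=${cg%/*} ;; *) cg= ;; esac
    done
}

# rt_first_blocker ROOT PATH: the level closest to the root whose budget is 0.
# A child cannot be given a budget until its parent has one, so this is the
# first level to raise. Prints nothing when no level is 0.
rt_first_blocker() {
    rt_budget_walk "$1" "$2" |
        awk '$2 == "0" { hit = $1 } END { if (hit != "") print hit }'
}

# Constructed sample tree standing in for /sys/fs/cgroup/cpu. The lxc/test1
# layout and every value here are invented for the demo.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/lxc/test1"
    echo 950000 > "$d/cpu.rt_runtime_us"
    echo 0 > "$d/lxc/cpu.rt_runtime_us"
    echo 0 > "$d/lxc/test1/cpu.rt_runtime_us"
    printf '4:cpu,cpuacct:/lxc/test1\n3:memory:/lxc/test1\n' > "$d/proc_cgroup"
    echo "$d"
}

sample=$(make_sample_tree)
cgpath=$(task_cpu_cgroup "$sample/proc_cgroup")
rt_budget_walk "$sample" "$cgpath"
echo "first level to raise: $(rt_first_blocker "$sample" "$cgpath")"
rm -rf "$sample"
```

On a real host, pass `/sys/fs/cgroup/cpu` as ROOT and the output of `task_cpu_cgroup /proc/<pid>/cgroup` for the container's init process as PATH.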
