Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libcontainer: cgroups: deal with unlimited case for pids.max #644

Merged
merged 2 commits into from
Mar 21, 2016
Merged

libcontainer: cgroups: deal with unlimited case for pids.max #644

merged 2 commits into from
Mar 21, 2016

Conversation

cyphar
Copy link
Member

@cyphar cyphar commented Mar 14, 2016

Make sure we don't error out collecting statistics for cases where
pids.max == "max". In that case, we can use a limit of 0 which means
"unlimited".

Signed-off-by: Aleksa Sarai asarai@suse.de

Sorry, I forgot about this case in #640. This should fix it.

/cc @hqhq @mrunalp

@cyphar cyphar mentioned this pull request Mar 14, 2016
Closed
@crosbymichael
Copy link
Member

Instead of -1 is there like maxint that can be used? Is there a limit in the kernel for number of pids?

@crosbymichael
Copy link
Member

Should we use something like /proc/sys/kernel/pid_max or since this can change maybe -1 is a better solution?

@cyphar
Copy link
Member Author

cyphar commented Mar 15, 2016

My main reason for using -1 is because it mirrors the spec for setting the limit. Admittedly, I'd prefer if it was a uint64 (because that's what the type in the kernel /actually is/), but it probably makes the API more intuitive when it's -1. As you said, I'm not really comfortable about basing it on /proc/sys/kernel/pid_max because it can be changed.

@hqhq
Copy link
Contributor

hqhq commented Mar 15, 2016

What about *uint64? nil means unlimited. But I'm OK with both *uint64 and -1.

@cyphar
Copy link
Member Author

cyphar commented Mar 15, 2016

@hqhq Heh, I feel like we're reliving the discussion in #58. Since none of the other stats structs I can see use pointers (and they don't make sense if you contrast the use with opencontainers/runtime-spec#233), I feel like we should just stick with < 0 being "max" (even though we should probably consider whether 0 should be "max" as well).

@crosbymichael
Copy link
Member

Maybe 0 is better since its the default value then things can check for pids > 0 ??

@cyphar
Copy link
Member Author

cyphar commented Mar 17, 2016

If you're fine with 0, then I am too. At the end of the day, the value we pick is arbitrary. One last thing to consider is the fact that the PIDs cgroup is heirarchical, so we have to make a decision about what value to return in this situation:

% cat /sys/fs/cgroup/pids/some/container/pids.max
1024
% cat /sys/fs/cgroup/pids/some/pids.max
512

Should we return 512 because that's the "effective" limit? Or 1024 because it's the limit that's been set on the container?

@mrunalp
Copy link
Contributor

mrunalp commented Mar 17, 2016

I think that we should return the value set for the container. Anything outside should be properly managed by the admin or higher orchestration layer.

@cyphar
Copy link
Member Author

cyphar commented Mar 17, 2016

I've updated the following:

  • Changed "max" to be represented as 0, not -1.
  • Update the relevant tests.
  • Switch the stats attribute name to Limit (to mirror the name we use to /set/ the limit).

/cc @mrunalp @crosbymichael

@cyphar
libcontainer: cgroups: deal with unlimited case for pids.max
087b953 
Make sure we don't error out collecting statistics for cases where
pids.max == "max". In that case, we can use a limit of 0 which means
"unlimited".

In addition, change the name of the stats attribute (Max) to mirror the
name of the resources attribute in the spec (Limit) so that it's
consistent internally.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
@cyphar
libcontainer: cgroups: add tests for pids.max == "max"
a6d5179 
Signed-off-by: Aleksa Sarai <asarai@suse.de>
@cyphar cyphar mentioned this pull request Mar 20, 2016
Closed
@jessfraz jessfraz mentioned this pull request Mar 20, 2016
Closed
@hqhq
Copy link
Contributor

hqhq commented Mar 21, 2016

LGTM

@jessfraz
Copy link
Contributor

fixes my problem in #664 :)

@mrunalp
Copy link
Contributor

mrunalp commented Mar 21, 2016

LGTM

mrunalp pushed a commit that referenced this pull request Mar 21, 2016
Merge pull request #644 from cyphar/fix-pids-max-unlimited
4d79292 
libcontainer: cgroups: deal with unlimited case for pids.max
@mrunalp mrunalp merged commit 4d79292 into opencontainers:master Mar 21, 2016
@cyphar cyphar deleted the fix-pids-max-unlimited branch March 22, 2016 00:50
@LK4D4 LK4D4 mentioned this pull request Mar 22, 2016
Closed
@tonistiigi tonistiigi mentioned this pull request Mar 23, 2016
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
status/0-triage
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@cyphar @crosbymichael @hqhq @mrunalp @jessfraz @GordonTheTurtle