[libvirt PATCH 0/9] fix cgroups on systemd hosts

Pavel Hrdina phrdina at redhat.com
Tue Feb 9 13:26:05 UTC 2021 

When running on host with systemd there is an ownership issue of
the root VM cgroup. When it is created for us by systemd using machined
the owner of the root VM cgroup is systemd and we should not touch any
of the files as systemd can and will modify any values configured there.

Basically we had the issue since introduction of machined support
in libvirt 1.1.1 back in 2013. With systemd implementing more cgroup
APIs the `systemctl daemon-reload` would change more values configured
by libvirt.

The solution to the issue is to use systemd DBus APIs to configure
cgroups but unfortunately they don't cover everything that libvirt
needs.

For that reason we will use systemd DBus APIs only for values that
affect sibling cgroups where the resources are distributed
proportionally, such as blkio.weight or cpu.shares. For the remaining
resources we will keep the current code where we work with the files
directly but we move everything into a child cgroup of the VM root
cgroup where we are free to do whatever we like including thread
configuration.

Pavel Hrdina (9):
  virsystemd: export virSystemdHasMachined
  virsystemd: introduce virSystemdGetMachineByPID
  virsystemd: introduce virSystemdGetMachineUnitByPID
  vircgroup: use DBus call to systemd for some APIs
  vircgroupv1: refactor virCgroupV1DetectPlacement
  vircgroupv2: move task into cgroup before enabling controllers
  vircgroup: introduce virCgroupV1Exists and virCgroupV2Exists
  vircgroup: introduce nested cgroup to properly work with systemd
  tests: add cgroup nested tests

 docs/cgroups.html.in                          |  29 +-
 src/libvirt_private.syms                      |   2 +
 src/util/vircgroup.c                          | 300 ++++++++++++++----
 src/util/vircgroupbackend.h                   |   5 +
 src/util/vircgrouppriv.h                      |  10 +
 src/util/vircgroupv1.c                        | 122 +++++--
 src/util/vircgroupv2.c                        |  82 ++++-
 src/util/virsystemd.c                         | 105 +++++-
 src/util/virsystemd.h                         |   4 +
 tests/vircgroupdata/systemd-legacy.cgroups    |  12 +
 tests/vircgroupdata/systemd-legacy.mounts     |  11 +
 .../vircgroupdata/systemd-legacy.self.cgroup  |  11 +
 tests/vircgroupdata/systemd-unified.cgroups   |  13 +
 tests/vircgroupdata/systemd-unified.mounts    |   1 +
 .../vircgroupdata/systemd-unified.self.cgroup |   1 +
 tests/vircgrouptest.c                         |  72 +++++
 tests/virsystemdtest.c                        |  39 ++-
 17 files changed, 687 insertions(+), 132 deletions(-)
 create mode 100644 tests/vircgroupdata/systemd-legacy.cgroups
 create mode 100644 tests/vircgroupdata/systemd-legacy.mounts
 create mode 100644 tests/vircgroupdata/systemd-legacy.self.cgroup
 create mode 100644 tests/vircgroupdata/systemd-unified.cgroups
 create mode 100644 tests/vircgroupdata/systemd-unified.mounts
 create mode 100644 tests/vircgroupdata/systemd-unified.self.cgroup

-- 
2.29.2

More information about the libvir-list mailing list