On 2/9/21 2:26 PM, Pavel Hrdina wrote:
> When running on host with systemd there is an ownership issue of
> the root VM cgroup. When it is created for us by systemd using machined
> the owner of the root VM cgroup is systemd and we should not touch any
> of the files as systemd can and will modify any values configured there.
>
> Basically we had the issue since introduction of machined support
> in libvirt 1.1.1 back in 2013. With systemd implementing more cgroup
> APIs the `systemctl daemon-reload` would change more values configured
> by libvirt.
>
> The solution to the issue is to use systemd DBus APIs to configure
> cgroups but unfortunately they don't cover everything that libvirt
> needs.
>
> For that reason we will use systemd DBus APIs only for values that
> affect sibling cgroups where the resources are distributed
> proportionally, such as blkio.weight or cpu.shares. For the remaining
> resources we will keep the current code where we work with the files
> directly but we move everything into a child cgroup of the VM root
> cgroup where we are free to do whatever we like including thread
> configuration.
Yeah, if only there was a way to tell machined to not touch CGroups
we've created until they offer full set of features.
>
> Pavel Hrdina (9):
> virsystemd: export virSystemdHasMachined
> virsystemd: introduce virSystemdGetMachineByPID
> virsystemd: introduce virSystemdGetMachineUnitByPID
> vircgroup: use DBus call to systemd for some APIs
> vircgroupv1: refactor virCgroupV1DetectPlacement
> vircgroupv2: move task into cgroup before enabling controllers
> vircgroup: introduce virCgroupV1Exists and virCgroupV2Exists
> vircgroup: introduce nested cgroup to properly work with systemd
> tests: add cgroup nested tests
>
> docs/cgroups.html.in | 29 +-
> src/libvirt_private.syms | 2 +
> src/util/vircgroup.c | 300 ++++++++++++++----
> src/util/vircgroupbackend.h | 5 +
> src/util/vircgrouppriv.h | 10 +
> src/util/vircgroupv1.c | 122 +++++--
> src/util/vircgroupv2.c | 82 ++++-
> src/util/virsystemd.c | 105 +++++-
> src/util/virsystemd.h | 4 +
> tests/vircgroupdata/systemd-legacy.cgroups | 12 +
> tests/vircgroupdata/systemd-legacy.mounts | 11 +
> .../vircgroupdata/systemd-legacy.self.cgroup | 11 +
> tests/vircgroupdata/systemd-unified.cgroups | 13 +
> tests/vircgroupdata/systemd-unified.mounts | 1 +
> .../vircgroupdata/systemd-unified.self.cgroup | 1 +
> tests/vircgrouptest.c | 72 +++++
> tests/virsystemdtest.c | 39 ++-
> 17 files changed, 687 insertions(+), 132 deletions(-)
> create mode 100644 tests/vircgroupdata/systemd-legacy.cgroups
> create mode 100644 tests/vircgroupdata/systemd-legacy.mounts
> create mode 100644 tests/vircgroupdata/systemd-legacy.self.cgroup
> create mode 100644 tests/vircgroupdata/systemd-unified.cgroups
> create mode 100644 tests/vircgroupdata/systemd-unified.mounts
> create mode 100644 tests/vircgroupdata/systemd-unified.self.cgroup
>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michal