kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Merge pull request #10427 from jfrazelle/option-to-disable-systemd-cgroups

Browse source 
Option to configure cgroup manager (adds --exec-opt)
This commit is contained in:
Jessie Frazelle 2015-04-29 10:00:41 -07:00
commit 53bef64804
8 changed files with 75 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
contrib/completion/bash/docker
View file

@ -1151,6 +1151,7 @@ _docker() {
--dns --dns
--dns-search --dns-search
--exec-driver -e --exec-driver -e
--exec-opt
--fixed-cidr --fixed-cidr
--fixed-cidr-v6 --fixed-cidr-v6
--graph -g --graph -g

1
contrib/completion/fish/docker.fish
View file

@ -51,6 +51,7 @@ complete -c docker -f -n '__fish_docker_no_subcommand' -s d -l daemon -d 'Enable
complete -c docker -f -n '__fish_docker_no_subcommand' -l dns -d 'Force Docker to use specific DNS servers' complete -c docker -f -n '__fish_docker_no_subcommand' -l dns -d 'Force Docker to use specific DNS servers'
complete -c docker -f -n '__fish_docker_no_subcommand' -l dns-search -d 'Force Docker to use specific DNS search domains' complete -c docker -f -n '__fish_docker_no_subcommand' -l dns-search -d 'Force Docker to use specific DNS search domains'
complete -c docker -f -n '__fish_docker_no_subcommand' -s e -l exec-driver -d 'Force the Docker runtime to use a specific exec driver' complete -c docker -f -n '__fish_docker_no_subcommand' -s e -l exec-driver -d 'Force the Docker runtime to use a specific exec driver'
complete -c docker -f -n '__fish_docker_no_subcommand' -l exec-opt -d 'Set exec driver options'
complete -c docker -f -n '__fish_docker_no_subcommand' -l fixed-cidr -d 'IPv4 subnet for fixed IPs (e.g. 10.20.0.0/16)' complete -c docker -f -n '__fish_docker_no_subcommand' -l fixed-cidr -d 'IPv4 subnet for fixed IPs (e.g. 10.20.0.0/16)'
complete -c docker -f -n '__fish_docker_no_subcommand' -l fixed-cidr-v6 -d 'IPv6 subnet for fixed IPs (e.g.: 2001:a02b/48)' complete -c docker -f -n '__fish_docker_no_subcommand' -l fixed-cidr-v6 -d 'IPv6 subnet for fixed IPs (e.g.: 2001:a02b/48)'
complete -c docker -f -n '__fish_docker_no_subcommand' -s G -l group -d 'Group to assign the unix socket specified by -H when running in daemon mode' complete -c docker -f -n '__fish_docker_no_subcommand' -s G -l group -d 'Group to assign the unix socket specified by -H when running in daemon mode'

2
daemon/config.go
View file

@ -29,6 +29,7 @@ type Config struct {
GraphDriver string GraphDriver string
GraphOptions []string GraphOptions []string
ExecDriver string ExecDriver string
ExecOptions []string
Mtu int Mtu int
SocketGroup string SocketGroup string
EnableCors bool EnableCors bool
@ -70,6 +71,7 @@ func (config *Config) InstallFlags() {
flag.StringVar(&config.CorsHeaders, []string{"-api-cors-header"}, "", "Set CORS headers in the remote API") flag.StringVar(&config.CorsHeaders, []string{"-api-cors-header"}, "", "Set CORS headers in the remote API")
opts.IPVar(&config.Bridge.DefaultIp, []string{"#ip", "-ip"}, "0.0.0.0", "Default IP when binding container ports") opts.IPVar(&config.Bridge.DefaultIp, []string{"#ip", "-ip"}, "0.0.0.0", "Default IP when binding container ports")
opts.ListVar(&config.GraphOptions, []string{"-storage-opt"}, "Set storage driver options") opts.ListVar(&config.GraphOptions, []string{"-storage-opt"}, "Set storage driver options")
opts.ListVar(&config.ExecOptions, []string{"-exec-opt"}, "Set exec driver options")
// FIXME: why the inconsistency between "hosts" and "sockets"? // FIXME: why the inconsistency between "hosts" and "sockets"?
opts.IPListVar(&config.Dns, []string{"#dns", "-dns"}, "DNS server to use") opts.IPListVar(&config.Dns, []string{"#dns", "-dns"}, "DNS server to use")
opts.DnsSearchListVar(&config.DnsSearch, []string{"-dns-search"}, "DNS search domains to use") opts.DnsSearchListVar(&config.DnsSearch, []string{"-dns-search"}, "DNS search domains to use")

2
daemon/daemon.go
View file

@ -942,7 +942,7 @@ func NewDaemonFromDirectory(config *Config, eng *engine.Engine, registryService
sysInfo := sysinfo.New(false) sysInfo := sysinfo.New(false)
const runDir = "/var/run/docker" const runDir = "/var/run/docker"
ed, err := execdrivers.NewDriver(config.ExecDriver, runDir, config.Root, sysInitPath, sysInfo) ed, err := execdrivers.NewDriver(config.ExecDriver, config.ExecOptions, runDir, config.Root, sysInitPath, sysInfo)
if err != nil { if err != nil {
return nil, err return nil, err
} }

4
daemon/execdriver/execdrivers/execdrivers.go
View file

@ -10,7 +10,7 @@ import (
"github.com/docker/docker/pkg/sysinfo" "github.com/docker/docker/pkg/sysinfo"
) )
func NewDriver(name, root, libPath, initPath string, sysInfo *sysinfo.SysInfo) (execdriver.Driver, error) { func NewDriver(name string, options []string, root, libPath, initPath string, sysInfo *sysinfo.SysInfo) (execdriver.Driver, error) {
switch name { switch name {
case "lxc": case "lxc":
// we want to give the lxc driver the full docker root because it needs // we want to give the lxc driver the full docker root because it needs
@ -18,7 +18,7 @@ func NewDriver(name, root, libPath, initPath string, sysInfo *sysinfo.SysInfo) (
// to be backwards compatible // to be backwards compatible
return lxc.NewDriver(root, libPath, initPath, sysInfo.AppArmor) return lxc.NewDriver(root, libPath, initPath, sysInfo.AppArmor)
case "native": case "native":
return native.NewDriver(path.Join(root, "execdriver", "native"), initPath) return native.NewDriver(path.Join(root, "execdriver", "native"), initPath, options)
} }
return nil, fmt.Errorf("unknown exec driver %s", name) return nil, fmt.Errorf("unknown exec driver %s", name)
} }

38
daemon/execdriver/native/driver.go
View file

@ -8,12 +8,14 @@ import (
"os" "os"
"os/exec" "os/exec"
"path/filepath" "path/filepath"
"strings"
"sync" "sync"
"syscall" "syscall"
"time" "time"
"github.com/Sirupsen/logrus" "github.com/Sirupsen/logrus"
"github.com/docker/docker/daemon/execdriver" "github.com/docker/docker/daemon/execdriver"
"github.com/docker/docker/pkg/parsers"
"github.com/docker/docker/pkg/reexec" "github.com/docker/docker/pkg/reexec"
sysinfo "github.com/docker/docker/pkg/system" sysinfo "github.com/docker/docker/pkg/system"
"github.com/docker/docker/pkg/term" "github.com/docker/docker/pkg/term"
@ -39,7 +41,7 @@ type driver struct {
sync.Mutex sync.Mutex
} }
func NewDriver(root, initPath string) (*driver, error) { func NewDriver(root, initPath string, options []string) (*driver, error) {
meminfo, err := sysinfo.ReadMemInfo() meminfo, err := sysinfo.ReadMemInfo()
if err != nil { if err != nil {
return nil, err return nil, err
@ -52,11 +54,45 @@ func NewDriver(root, initPath string) (*driver, error) {
if err := apparmor.InstallDefaultProfile(); err != nil { if err := apparmor.InstallDefaultProfile(); err != nil {
return nil, err return nil, err
} }
// choose cgroup manager
// this makes sure there are no breaking changes to people
// who upgrade from versions without native.cgroupdriver opt
cgm := libcontainer.Cgroupfs cgm := libcontainer.Cgroupfs
if systemd.UseSystemd() { if systemd.UseSystemd() {
cgm = libcontainer.SystemdCgroups cgm = libcontainer.SystemdCgroups
} }
// parse the options
for _, option := range options {
key, val, err := parsers.ParseKeyValueOpt(option)
if err != nil {
return nil, err
}
key = strings.ToLower(key)
switch key {
case "native.cgroupdriver":
// override the default if they set options
switch val {
case "systemd":
if systemd.UseSystemd() {
cgm = libcontainer.SystemdCgroups
} else {
// warn them that they chose the wrong driver
logrus.Warn("You cannot use systemd as native.cgroupdriver, using cgroupfs instead")
}
case "cgroupfs":
cgm = libcontainer.Cgroupfs
default:
return nil, fmt.Errorf("Unknown native.cgroupdriver given %q. try cgroupfs or systemd", val)
}
default:
return nil, fmt.Errorf("Unknown option %s\n", key)
}
}
logrus.Debugf("Using %v as native.cgroupdriver", cgm)
f, err := libcontainer.New( f, err := libcontainer.New(
root, root,
cgm, cgm,

15
docs/man/docker.1.md
View file

@ -124,6 +124,9 @@ unix://[/path/to/socket] to use.
**-v**, **--version**=*true*|*false* **-v**, **--version**=*true*|*false*
Print version information and quit. Default is false. Print version information and quit. Default is false.
**--exec-opt**=[]
Set exec driver options. See EXEC DRIVER OPTIONS.
**--selinux-enabled**=*true*|*false* **--selinux-enabled**=*true*|*false*
Enable selinux support. Default is false. SELinux does not presently support the BTRFS storage driver. Enable selinux support. Default is false. SELinux does not presently support the BTRFS storage driver.
@ -357,6 +360,18 @@ for data and metadata:
--storage-opt dm.metadatadev=/dev/vdc \ --storage-opt dm.metadatadev=/dev/vdc \
--storage-opt dm.basesize=20G --storage-opt dm.basesize=20G
# EXEC DRIVER OPTIONS
Use the **--exec-opt** flags to specify options to the exec-driver. The only
driver that accepts this flag is the *native* (libcontainer) driver. As a
result, you must also specify **-s=**native for this option to have effect. The
following is the only *native* option:
#### native.cgroupdriver
Specifies the management of the container's `cgroups`. You can specify
`cgroupfs` or `systemd`. If you specify `systemd` and it is not available, the
system uses `cgroupfs`.
#### Client #### Client
For specific client examples please see the man page for the specific Docker For specific client examples please see the man page for the specific Docker
command. For example: command. For example:

17
docs/sources/reference/commandline/cli.md
View file

@ -442,7 +442,7 @@ Currently supported options are:
> Otherwise, set this flag for migrating existing Docker daemons to a > Otherwise, set this flag for migrating existing Docker daemons to a
> daemon with a supported environment. > daemon with a supported environment.
### Docker exec-driver option ### Docker execdriver option
The Docker daemon uses a specifically built `libcontainer` execution driver as its The Docker daemon uses a specifically built `libcontainer` execution driver as its
interface to the Linux kernel `namespaces`, `cgroups`, and `SELinux`. interface to the Linux kernel `namespaces`, `cgroups`, and `SELinux`.
@ -452,6 +452,21 @@ https://linuxcontainers.org/) via the `lxc` execution driver, however, this is
not where the primary development of new functionality is taking place. not where the primary development of new functionality is taking place.
Add `-e lxc` to the daemon flags to use the `lxc` execution driver. Add `-e lxc` to the daemon flags to use the `lxc` execution driver.
#### Options for the native execdriver
You can configure the `native` (libcontainer) execdriver using options specified
with the `--exec-opt` flag. All the flag's options have the `native` prefix. A
single `native.cgroupdriver` option is available.
The `native.cgroupdriver` option specifies the management of the container's
cgroups. You can specify `cgroupfs` or `systemd`. If you specify `systemd` and
it is not available, the system uses `cgroupfs`. By default, if no option is
specified, the execdriver first tries `systemd` and falls back to `cgroupfs`.
This example sets the execdriver to `cgroupfs`:
$ sudo docker -d --exec-opt native.cgroupdriver=cgroupfs
Setting this option applies to all containers the daemon launches.
### Daemon DNS options ### Daemon DNS options