On 2/9/21 2:26 PM, Pavel Hrdina wrote:
When running on host with systemd there is an ownership issue of the root VM cgroup. When it is created for us by systemd using machined the owner of the root VM cgroup is systemd and we should not touch any of the files as systemd can and will modify any values configured there. Basically we had the issue since introduction of machined support in libvirt 1.1.1 back in 2013. With systemd implementing more cgroup APIs the `systemctl daemon-reload` would change more values configured by libvirt. The solution to the issue is to use systemd DBus APIs to configure cgroups but unfortunately they don't cover everything that libvirt needs. For that reason we will use systemd DBus APIs only for values that affect sibling cgroups where the resources are distributed proportionally, such as blkio.weight or cpu.shares. For the remaining resources we will keep the current code where we work with the files directly but we move everything into a child cgroup of the VM root cgroup where we are free to do whatever we like including thread configuration.
Yeah, if only there was a way to tell machined to not touch CGroups we've created until they offer full set of features.
Pavel Hrdina (9): virsystemd: export virSystemdHasMachined virsystemd: introduce virSystemdGetMachineByPID virsystemd: introduce virSystemdGetMachineUnitByPID vircgroup: use DBus call to systemd for some APIs vircgroupv1: refactor virCgroupV1DetectPlacement vircgroupv2: move task into cgroup before enabling controllers vircgroup: introduce virCgroupV1Exists and virCgroupV2Exists vircgroup: introduce nested cgroup to properly work with systemd tests: add cgroup nested tests docs/cgroups.html.in | 29 +- src/libvirt_private.syms | 2 + src/util/vircgroup.c | 300 ++++++++++++++---- src/util/vircgroupbackend.h | 5 + src/util/vircgrouppriv.h | 10 + src/util/vircgroupv1.c | 122 +++++-- src/util/vircgroupv2.c | 82 ++++- src/util/virsystemd.c | 105 +++++- src/util/virsystemd.h | 4 + tests/vircgroupdata/systemd-legacy.cgroups | 12 + tests/vircgroupdata/systemd-legacy.mounts | 11 + .../vircgroupdata/systemd-legacy.self.cgroup | 11 + tests/vircgroupdata/systemd-unified.cgroups | 13 + tests/vircgroupdata/systemd-unified.mounts | 1 + .../vircgroupdata/systemd-unified.self.cgroup | 1 + tests/vircgrouptest.c | 72 +++++ tests/virsystemdtest.c | 39 ++- 17 files changed, 687 insertions(+), 132 deletions(-) create mode 100644 tests/vircgroupdata/systemd-legacy.cgroups create mode 100644 tests/vircgroupdata/systemd-legacy.mounts create mode 100644 tests/vircgroupdata/systemd-legacy.self.cgroup create mode 100644 tests/vircgroupdata/systemd-unified.cgroups create mode 100644 tests/vircgroupdata/systemd-unified.mounts create mode 100644 tests/vircgroupdata/systemd-unified.self.cgroup
Reviewed-by: Michal Privoznik <mprivozn@xxxxxxxxxx> Michal
