Quoting Gao feng (gaofeng@xxxxxxxxxxxxxx): > Right now,if we mount cgroup in the container,we will get > host's cgroup informations and even we can change host's > cgroup in container. > > So the resource controller of the container will lose > effectiveness. > > This patchset try to add contianer support for cgroup. > the main idea is allocateing cgroup super-block for each > cgroup mounted in different pid namespace. > > The top cgroup of container will share css with host. > When the cgroup being mounted in contianer,the tasks in > this container will be attached to this new mounted > hierarchy's top cgroup, And when unmounting cgroup in > container,these tasks will be attached back to host's cgroup. > > Since the container can change the shared css through it's > cgroup subsystem files. patch 7/8 disable the write permission > of container's top cgroup files. In my TODO list, container > will have it's own css, this problem will disappear. > > > This patchset is sent as RFC,any comments are welcome. > Maybe this isn't the best solution, if you have better > solution,Please let me know. Sounds very interesting, thanks. I'm out (and mostly AFK) but will take a look on wed or thu. -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
