Browse Source

use s6's version of cgroups

previous version caused issue with lxd
using s6's version of cgroup fixes it
2.3.2
Nathan Owens 8 months ago
parent
commit
823a7470de
  1. 10
      Makefile
  2. 52
      install-man8
  3. 19
      module/boot@/configure/cgroups.conf
  4. 120
      module/boot@/configure/cgroups.sh
  5. 16
      module/boot@/service/mount/mount-cgroups

10
Makefile

@ -34,7 +34,15 @@ install-man: install-man1 install-man8
install-man1: $(INSTALL_MAN:doc/man/man1/%.1=$(DESTDIR)$(mandir)/man1/%.1)
install-man8: $(INSTALL_MAN:doc/man/man8/%.8=$(DESTDIR)$(mandir)/man8/%.8)
$(DESTDIR)$(script_directory)/%: module/boot@/configure/%
exec $(INSTALL) -D -m 644 $< $@
$(DESTDIR)$(script_directory)/cgroups.conf: module/boot@/configure/cgroups.conf
exec $(INSTALL) -D -m 644 $< $@
$(DESTDIR)$(script_directory)/cgroups.sh: module/boot@/configure/cgroups.sh
exec $(INSTALL) -D -m 755 $< $@
$(DESTDIR)$(script_directory)/%: module/boot@/configure/% $(DESTDIR)$(script_directory)/cgroups.conf $(DESTDIR)$(script_directory)/cgroups.sh
exec $(INSTALL) -D -m 755 $< $@
sed -i -e "s,@BINDIR@,$(bindir)," $@

52
install-man8

@ -0,0 +1,52 @@
.Dd June 1, 2016
.Dt MODULES-LOAD 8
.Os Linux
.Sh NAME
.Nm modules-load
.Nd Configure kernel modules to load at boot
.Sh SYNOPSIS
.Nm modules-load
.Op Fl nv
.Sh DESCRIPTION
.Nm
reads files which contain kernel modules to load during boot from the list of
locations below.
.Bl -tag -width indent
.It Fl n
dry-run mode.
This option does everything but actually insert or delete the modules.
.It Fl v
verbose mode.
Print messages about what the program is doing.
.El
.Sh FILES
Configuration files are read from the following locations:
.Bl -tag -width indent
.It /etc/modules-load.d/*.conf
.It /run/modules-load.d/*.conf
.It /usr/lib/modules-load.d/*.conf
.El
.Pp
The configuration files should simply contain a list of kernel module names
to load, separated by newlines.
Empty lines and lines whose first non-whitespace character is # or ; are
ignored.
.Sh EXAMPLES
.Pa /etc/modules-load.d/virtio-net.conf :
.Bd -literal -offset indent
# Load virtio-net.ko at boot
virtio-net
.Ed
.Sh SEE ALSO
.Xr modprobe 8
.Sh HISTORY
This program is a replacement for the
.Nm modules-load
utility provided by
.Nm systemd .
.Sh AUTHOR
.An Leah Neukirchen ,
.Mt leah@vuxu.org .
.Sh LICENSE
.Nm
is in the public domain.

19
module/boot@/configure/cgroups.conf

@ -0,0 +1,19 @@
# cgroups mode
# legacy mounts cgroups version 1 on /sys/fs/cgroup
# unified mounts cgroups version 2 on /sys/fs/cgroup
# hybrid mounts cgroups version 2 on /sys/fs/cgroup/unified and
# cgroups version 1 on /sys/fs/cgroup
CGROUP_MODE=hybrid
# This is a list of controllers which should be enabled for cgroups version 2.
# If hybrid mode is being used, controllers listed here will not be
# available for cgroups version 1. none means no controllers will be used
CGROUP_CONTROLLERS=none
# This switch controls whether or not cgroups version 1 controllers are
# individually mounted under
# /sys/fs/cgroup in hybrid or legacy mode
HAVE_CONTROLLER1_GROUPS=true

120
module/boot@/configure/cgroups.sh

@ -0,0 +1,120 @@
#!/bin/sh
CGROUP_OPTS=nodev,noexec,nosuid
CGROUP_MODE=$1
CGROUP_CONTROLLERS=$2
HAVE_CONTROLLER1_GROUPS=$3
if [ $CGROUP_CONTROLLERS = "none" ]; then
CGROUP_CONTROLLERS=""
fi
cgroup2_find_path() {
if grep -qw cgroup2 /proc/filesystems; then
case "${CGROUP_MODE}" in
hybrid) printf "/sys/fs/cgroup/unified" ;;
unified) printf "/sys/fs/cgroup" ;;
esac
fi
return 0
}
cgroup1_base() {
grep -qw cgroup /proc/filesystems || return 0
if ! mountpoint -q /sys/fs/cgroup; then
local opts="${CGROUP_OPTS},mode=755,size=${rc_cgroupsize:-10m}"
mount -n -t tmpfs -o "${opts}" cgroup_root /sys/fs/cgroup
fi
if ! mountpoint -q /sys/fs/cgroup/openrc; then
local agent="/etc/s6/sv/mount-cgroups/cgroup-release-agent.sh"
mkdir /sys/fs/cgroup/openrc
mount -n -t cgroup -o none,${CGROUP_OPTS},name=openrc,release_agent="$agent" openrc /sys/fs/cgroup/openrc
printf 1 > /sys/fs/cgroup/openrc/notify_on_release
fi
return 0
}
cgroup1_controllers() {
${HAVE_CONTROLLER1_GROUPS} && [ -e /proc/cgroups ] && grep -qw cgroup /proc/filesystems || return 0
while read -r name _ _ enabled _; do
case "${enabled}" in
1) if mountpoint -q "/sys/fs/cgroup/${name}";then continue;fi
local x
for x in $CGROUP_CONTROLLERS; do
[ "${name}" = "blkio" ] && [ "${x}" = "io" ] &&
continue 2
[ "${name}" = "${x}" ] &&
continue 2
done
mkdir "/sys/fs/cgroup/${name}"
mount -n -t cgroup -o "${CGROUP_OPTS},${name}" "${name}" "/sys/fs/cgroup/${name}"
;;
esac
done < /proc/cgroups
return 0
}
cgroup2_base() {
grep -qw cgroup2 /proc/filesystems || return 0
local base
base="$(cgroup2_find_path)"
mkdir -p "${base}"
mount -t cgroup2 none -o "${CGROUP_OPTS},nsdelegate" "${base}" 2> /dev/null ||
mount -t cgroup2 none -o "${CGROUP_OPTS}" "${base}"
return 0
}
cgroup2_controllers() {
grep -qw cgroup2 /proc/filesystems || return 0
local active cgroup_path x y
cgroup_path="$(cgroup2_find_path)"
[ -z "${cgroup_path}" ] && return 0
[ -e "${cgroup_path}/cgroup.controllers" ] && read -r active < "${cgroup_path}/cgroup.controllers"
for x in ${CGROUP_CONTROLLERS}; do
for y in ${active}; do
[ "$x" = "$y" ] && [ -e "${cgroup_path}/cgroup.subtree_control" ] &&
echo "+${x}" > "${cgroup_path}/cgroup.subtree_control"
done
done
return 0
}
cgroups_hybrid() {
cgroup1_base
cgroup2_base
cgroup2_controllers
cgroup1_controllers
return 0
}
cgroups_legacy() {
cgroup1_base
cgroup1_controllers
return 0
}
cgroups_unified() {
cgroup2_base
cgroup2_controllers
return 0
}
mount_cgroups() {
case "${CGROUP_MODE}" in
hybrid) cgroups_hybrid ;;
legacy) cgroups_legacy ;;
unified) cgroups_unified ;;
esac
return 0
}
mount_cgs() {
if [ -d /sys/fs/cgroup ];then
mount_cgroups
return 0
fi
return 1
}
mount_cgs

16
module/boot@/service/mount/mount-cgroups

@ -11,17 +11,11 @@
(
if { 66-yeller -cdp mount-cgroups -1 /dev/console starts... }
if -nt {
execl-toc -m /sys/fs/cgroup -t tmpfs -d cgroup
execl-toc -m /sys/fs/cgroup/hybrid -t cgroup2 -o rw,nosuid,nodev,noexec,relatime,nsdelegate -d cgroup2
execl-toc -m /sys/fs/cgroup/openrc -t cgroup -o none,nodev,noexec,nosuid,name=openrc -d cgroup
redirfd -r 0 /proc/cgroups
pipeline { s6-tail -n +2 }
pipeline { s6-cut -d"\t" -f1 }
forstdin -d"\n" -- i
importas -iu i i
execl-toc -X -m /sys/fs/cgroup/${i} -t cgroup -o rw,nosuid,nodev,noexec,relatime,${i} -d cgroup
envfile /etc/66/script/cgroups.conf
importas -iu CGROUP_MODE CGROUP_MODE
importas -iu CGROUP_CONTROLLERS CGROUP_CONTROLLERS
importas -iu HAVE_CONTROLLER1_GROUPS HAVE_CONTROLLER1_GROUPS
exec sh /etc/66/script/cgroups.sh $CGROUP_MODE $CGROUP_CONTROLLERS $HAVE_CONTROLLER1_GROUPS
}
66-yeller -fcdp mount-cgroups -1 /dev/console crashed!
)

Loading…
Cancel
Save