github.com/kaisenlinux/docker.io@v0.0.0-20230510090727-ea55db55fac7/engine/pkg/sysinfo/cgroup2_linux.go (about) 1 package sysinfo // import "github.com/docker/docker/pkg/sysinfo" 2 3 import ( 4 "os" 5 "path" 6 "strings" 7 8 cgroupsV2 "github.com/containerd/cgroups/v2" 9 "github.com/containerd/containerd/sys" 10 "github.com/opencontainers/runc/libcontainer/cgroups" 11 "github.com/sirupsen/logrus" 12 ) 13 14 type infoCollectorV2 func(info *SysInfo, controllers map[string]struct{}, dirPath string) (warnings []string) 15 16 func newV2(quiet bool, opts *opts) *SysInfo { 17 var warnings []string 18 sysInfo := &SysInfo{ 19 CgroupUnified: true, 20 } 21 g := opts.cg2GroupPath 22 if g == "" { 23 g = "/" 24 } 25 m, err := cgroupsV2.LoadManager("/sys/fs/cgroup", g) 26 if err != nil { 27 logrus.Warn(err) 28 } else { 29 controllersM := make(map[string]struct{}) 30 controllers, err := m.Controllers() 31 if err != nil { 32 logrus.Warn(err) 33 } 34 for _, c := range controllers { 35 controllersM[c] = struct{}{} 36 } 37 opsV2 := []infoCollectorV2{ 38 applyMemoryCgroupInfoV2, 39 applyCPUCgroupInfoV2, 40 applyIOCgroupInfoV2, 41 applyCPUSetCgroupInfoV2, 42 applyPIDSCgroupInfoV2, 43 applyDevicesCgroupInfoV2, 44 } 45 dirPath := path.Join("/sys/fs/cgroup", path.Clean(g)) 46 for _, o := range opsV2 { 47 w := o(sysInfo, controllersM, dirPath) 48 warnings = append(warnings, w...) 49 } 50 } 51 52 ops := []infoCollector{ 53 applyNetworkingInfo, 54 applyAppArmorInfo, 55 applySeccompInfo, 56 applyCgroupNsInfo, 57 } 58 for _, o := range ops { 59 w := o(sysInfo, nil) 60 warnings = append(warnings, w...) 61 } 62 if !quiet { 63 for _, w := range warnings { 64 logrus.Warn(w) 65 } 66 } 67 return sysInfo 68 } 69 70 func getSwapLimitV2() bool { 71 groups, err := cgroups.ParseCgroupFile("/proc/self/cgroup") 72 if err != nil { 73 return false 74 } 75 76 g := groups[""] 77 if g == "" { 78 return false 79 } 80 81 cGroupPath := path.Join("/sys/fs/cgroup", g, "memory.swap.max") 82 if _, err = os.Stat(cGroupPath); os.IsNotExist(err) { 83 return false 84 } 85 return true 86 } 87 88 func applyMemoryCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string { 89 var warnings []string 90 if _, ok := controllers["memory"]; !ok { 91 warnings = append(warnings, "Unable to find memory controller") 92 return warnings 93 } 94 95 info.MemoryLimit = true 96 info.SwapLimit = getSwapLimitV2() 97 info.MemoryReservation = true 98 info.OomKillDisable = false 99 info.MemorySwappiness = false 100 info.KernelMemory = false 101 info.KernelMemoryTCP = false 102 return warnings 103 } 104 105 func applyCPUCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string { 106 var warnings []string 107 if _, ok := controllers["cpu"]; !ok { 108 warnings = append(warnings, "Unable to find cpu controller") 109 return warnings 110 } 111 info.CPUShares = true 112 info.CPUCfs = true 113 info.CPURealtime = false 114 return warnings 115 } 116 117 func applyIOCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string { 118 var warnings []string 119 if _, ok := controllers["io"]; !ok { 120 warnings = append(warnings, "Unable to find io controller") 121 return warnings 122 } 123 124 info.BlkioWeight = true 125 info.BlkioWeightDevice = true 126 info.BlkioReadBpsDevice = true 127 info.BlkioWriteBpsDevice = true 128 info.BlkioReadIOpsDevice = true 129 info.BlkioWriteIOpsDevice = true 130 return warnings 131 } 132 133 func applyCPUSetCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, dirPath string) []string { 134 var warnings []string 135 if _, ok := controllers["cpuset"]; !ok { 136 warnings = append(warnings, "Unable to find cpuset controller") 137 return warnings 138 } 139 info.Cpuset = true 140 141 cpus, err := os.ReadFile(path.Join(dirPath, "cpuset.cpus.effective")) 142 if err != nil { 143 return warnings 144 } 145 info.Cpus = strings.TrimSpace(string(cpus)) 146 147 mems, err := os.ReadFile(path.Join(dirPath, "cpuset.mems.effective")) 148 if err != nil { 149 return warnings 150 } 151 info.Mems = strings.TrimSpace(string(mems)) 152 return warnings 153 } 154 155 func applyPIDSCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string { 156 var warnings []string 157 if _, ok := controllers["pids"]; !ok { 158 warnings = append(warnings, "Unable to find pids controller") 159 return warnings 160 } 161 info.PidsLimit = true 162 return warnings 163 } 164 165 func applyDevicesCgroupInfoV2(info *SysInfo, controllers map[string]struct{}, _ string) []string { 166 info.CgroupDevicesEnabled = !sys.RunningInUserNS() 167 return nil 168 }