github.com/michael-k/docker@v1.7.0-rc2/pkg/sysinfo/sysinfo_linux.go

github.com/michael-k/docker@v1.7.0-rc2/pkg/sysinfo/sysinfo_linux.go (about)

     1  package sysinfo
     2  
     3  import (
     4  	"io/ioutil"
     5  	"os"
     6  	"path"
     7  	"strconv"
     8  	"strings"
     9  
    10  	"github.com/Sirupsen/logrus"
    11  	"github.com/docker/libcontainer/cgroups"
    12  )
    13  
    14  // New returns a new SysInfo, using the filesystem to detect which features the kernel supports.
    15  func New(quiet bool) *SysInfo {
    16  	sysInfo := &SysInfo{}
    17  	if cgroupMemoryMountpoint, err := cgroups.FindCgroupMountpoint("memory"); err != nil {
    18  		if !quiet {
    19  			logrus.Warnf("Your kernel does not support cgroup memory limit: %v", err)
    20  		}
    21  	} else {
    22  		// If memory cgroup is mounted, MemoryLimit is always enabled.
    23  		sysInfo.MemoryLimit = true
    24  
    25  		_, err1 := ioutil.ReadFile(path.Join(cgroupMemoryMountpoint, "memory.memsw.limit_in_bytes"))
    26  		sysInfo.SwapLimit = err1 == nil
    27  		if !sysInfo.SwapLimit && !quiet {
    28  			logrus.Warn("Your kernel does not support swap memory limit.")
    29  		}
    30  
    31  		_, err = ioutil.ReadFile(path.Join(cgroupMemoryMountpoint, "memory.oom_control"))
    32  		sysInfo.OomKillDisable = err == nil
    33  		if !sysInfo.OomKillDisable && !quiet {
    34  			logrus.Warnf("Your kernel does not support oom control.")
    35  		}
    36  	}
    37  
    38  	if cgroupCpuMountpoint, err := cgroups.FindCgroupMountpoint("cpu"); err != nil {
    39  		if !quiet {
    40  			logrus.Warnf("%v", err)
    41  		}
    42  	} else {
    43  		_, err := ioutil.ReadFile(path.Join(cgroupCpuMountpoint, "cpu.cfs_period_us"))
    44  		sysInfo.CpuCfsPeriod = err == nil
    45  		if !sysInfo.CpuCfsPeriod && !quiet {
    46  			logrus.Warn("Your kernel does not support cgroup cfs period")
    47  		}
    48  		_, err = ioutil.ReadFile(path.Join(cgroupCpuMountpoint, "cpu.cfs_quota_us"))
    49  		sysInfo.CpuCfsQuota = err == nil
    50  		if !sysInfo.CpuCfsQuota && !quiet {
    51  			logrus.Warn("Your kernel does not support cgroup cfs quotas")
    52  		}
    53  	}
    54  
    55  	// Checek if ipv4_forward is disabled.
    56  	if data, err := ioutil.ReadFile("/proc/sys/net/ipv4/ip_forward"); os.IsNotExist(err) {
    57  		sysInfo.IPv4ForwardingDisabled = true
    58  	} else {
    59  		if enabled, _ := strconv.Atoi(strings.TrimSpace(string(data))); enabled == 0 {
    60  			sysInfo.IPv4ForwardingDisabled = true
    61  		} else {
    62  			sysInfo.IPv4ForwardingDisabled = false
    63  		}
    64  	}
    65  
    66  	// Check if AppArmor is supported.
    67  	if _, err := os.Stat("/sys/kernel/security/apparmor"); os.IsNotExist(err) {
    68  		sysInfo.AppArmor = false
    69  	} else {
    70  		sysInfo.AppArmor = true
    71  	}
    72  
    73  	// Check if Devices cgroup is mounted, it is hard requirement for container security.
    74  	if _, err := cgroups.FindCgroupMountpoint("devices"); err != nil {
    75  		logrus.Fatalf("Error mounting devices cgroup: %v", err)
    76  	}
    77  
    78  	return sysInfo
    79  }