cgroup2_linux.go 3.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145
  1. package sysinfo // import "github.com/docker/docker/pkg/sysinfo"
  2. import (
  3. "os"
  4. "path"
  5. "strings"
  6. "github.com/containerd/cgroups"
  7. cgroupsV2 "github.com/containerd/cgroups/v2"
  8. "github.com/containerd/containerd/pkg/userns"
  9. "github.com/sirupsen/logrus"
  10. )
  11. func newV2(options ...Opt) *SysInfo {
  12. sysInfo := &SysInfo{
  13. CgroupUnified: true,
  14. cg2GroupPath: "/",
  15. }
  16. for _, o := range options {
  17. o(sysInfo)
  18. }
  19. ops := []infoCollector{
  20. applyNetworkingInfo,
  21. applyAppArmorInfo,
  22. applySeccompInfo,
  23. applyCgroupNsInfo,
  24. }
  25. m, err := cgroupsV2.LoadManager("/sys/fs/cgroup", sysInfo.cg2GroupPath)
  26. if err != nil {
  27. logrus.Warn(err)
  28. } else {
  29. sysInfo.cg2Controllers = make(map[string]struct{})
  30. controllers, err := m.Controllers()
  31. if err != nil {
  32. logrus.Warn(err)
  33. }
  34. for _, c := range controllers {
  35. sysInfo.cg2Controllers[c] = struct{}{}
  36. }
  37. ops = append(ops,
  38. applyMemoryCgroupInfoV2,
  39. applyCPUCgroupInfoV2,
  40. applyIOCgroupInfoV2,
  41. applyCPUSetCgroupInfoV2,
  42. applyPIDSCgroupInfoV2,
  43. applyDevicesCgroupInfoV2,
  44. )
  45. }
  46. for _, o := range ops {
  47. o(sysInfo)
  48. }
  49. return sysInfo
  50. }
  51. func getSwapLimitV2() bool {
  52. groups, err := cgroups.ParseCgroupFile("/proc/self/cgroup")
  53. if err != nil {
  54. return false
  55. }
  56. g := groups[""]
  57. if g == "" {
  58. return false
  59. }
  60. cGroupPath := path.Join("/sys/fs/cgroup", g, "memory.swap.max")
  61. if _, err = os.Stat(cGroupPath); os.IsNotExist(err) {
  62. return false
  63. }
  64. return true
  65. }
  66. func applyMemoryCgroupInfoV2(info *SysInfo) {
  67. if _, ok := info.cg2Controllers["memory"]; !ok {
  68. info.Warnings = append(info.Warnings, "Unable to find memory controller")
  69. return
  70. }
  71. info.MemoryLimit = true
  72. info.SwapLimit = getSwapLimitV2()
  73. info.MemoryReservation = true
  74. info.OomKillDisable = false
  75. info.MemorySwappiness = false
  76. info.KernelMemory = false
  77. info.KernelMemoryTCP = false
  78. }
  79. func applyCPUCgroupInfoV2(info *SysInfo) {
  80. if _, ok := info.cg2Controllers["cpu"]; !ok {
  81. info.Warnings = append(info.Warnings, "Unable to find cpu controller")
  82. return
  83. }
  84. info.CPUShares = true
  85. info.CPUCfs = true
  86. info.CPURealtime = false
  87. }
  88. func applyIOCgroupInfoV2(info *SysInfo) {
  89. if _, ok := info.cg2Controllers["io"]; !ok {
  90. info.Warnings = append(info.Warnings, "Unable to find io controller")
  91. return
  92. }
  93. info.BlkioWeight = true
  94. info.BlkioWeightDevice = true
  95. info.BlkioReadBpsDevice = true
  96. info.BlkioWriteBpsDevice = true
  97. info.BlkioReadIOpsDevice = true
  98. info.BlkioWriteIOpsDevice = true
  99. }
  100. func applyCPUSetCgroupInfoV2(info *SysInfo) {
  101. if _, ok := info.cg2Controllers["cpuset"]; !ok {
  102. info.Warnings = append(info.Warnings, "Unable to find cpuset controller")
  103. return
  104. }
  105. info.Cpuset = true
  106. cpus, err := os.ReadFile(path.Join("/sys/fs/cgroup", info.cg2GroupPath, "cpuset.cpus.effective"))
  107. if err != nil {
  108. return
  109. }
  110. info.Cpus = strings.TrimSpace(string(cpus))
  111. mems, err := os.ReadFile(path.Join("/sys/fs/cgroup", info.cg2GroupPath, "cpuset.mems.effective"))
  112. if err != nil {
  113. return
  114. }
  115. info.Mems = strings.TrimSpace(string(mems))
  116. }
  117. func applyPIDSCgroupInfoV2(info *SysInfo) {
  118. if _, ok := info.cg2Controllers["pids"]; !ok {
  119. info.Warnings = append(info.Warnings, "Unable to find pids controller")
  120. return
  121. }
  122. info.PidsLimit = true
  123. }
  124. func applyDevicesCgroupInfoV2(info *SysInfo) {
  125. info.CgroupDevicesEnabled = !userns.RunningInUserNS()
  126. }