56f77d5ade
containers may specify these cgroup values at runtime. This will allow processes to change their priority to real-time within the container when CONFIG_RT_GROUP_SCHED is enabled in the kernel. See #22380. Also added sanity checks for the new --cpu-rt-runtime and --cpu-rt-period flags to ensure that that the kernel supports these features and that runtime is not greater than period. Daemon will support a --cpu-rt-runtime flag to initialize the parent cgroup on startup, this prevents the administrator from alotting runtime to docker after each restart. There are additional checks that could be added but maybe too far? Check parent cgroups to ensure values are <= parent, inspecting rtprio ulimit and issuing a warning. Signed-off-by: Erik St. Martin <alakriti@gmail.com>
53 lines
1.5 KiB
Go
53 lines
1.5 KiB
Go
package runconfig
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/docker/docker/api/types/container"
|
|
"github.com/docker/docker/pkg/sysinfo"
|
|
)
|
|
|
|
// DefaultDaemonNetworkMode returns the default network stack the daemon should
|
|
// use.
|
|
func DefaultDaemonNetworkMode() container.NetworkMode {
|
|
return container.NetworkMode("default")
|
|
}
|
|
|
|
// IsPreDefinedNetwork indicates if a network is predefined by the daemon
|
|
func IsPreDefinedNetwork(network string) bool {
|
|
return false
|
|
}
|
|
|
|
// ValidateNetMode ensures that the various combinations of requested
|
|
// network settings are valid.
|
|
func ValidateNetMode(c *container.Config, hc *container.HostConfig) error {
|
|
// We may not be passed a host config, such as in the case of docker commit
|
|
if hc == nil {
|
|
return nil
|
|
}
|
|
parts := strings.Split(string(hc.NetworkMode), ":")
|
|
switch mode := parts[0]; mode {
|
|
case "default", "none":
|
|
default:
|
|
return fmt.Errorf("invalid --net: %s", hc.NetworkMode)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// ValidateIsolation performs platform specific validation of the
|
|
// isolation level in the hostconfig structure.
|
|
// This setting is currently discarded for Solaris so this is a no-op.
|
|
func ValidateIsolation(hc *container.HostConfig) error {
|
|
return nil
|
|
}
|
|
|
|
// ValidateQoS performs platform specific validation of the QoS settings
|
|
func ValidateQoS(hc *container.HostConfig) error {
|
|
return nil
|
|
}
|
|
|
|
// ValidateResources performs platform specific validation of the resource settings
|
|
func ValidateResources(hc *container.HostConfig, si *sysinfo.SysInfo) error {
|
|
return nil
|
|
}
|