[libvirt] [PATCH 2/2] LXC: rework mounting cgroupfs in container
Gao feng
gaofeng at cn.fujitsu.com
Fri Apr 5 02:16:43 UTC 2013
On 2013/03/27 13:26, Gao feng wrote:
> On 2013/03/20 16:14, Gao feng wrote:
>> There are 3 reason we need to rework the cgroupfs
>> mounting in container.
>>
>> 1, Yin Olivia reported a "failed to mount cgroup"
>> problem, now we given that the name of cgroup mount point
>> is same with the subsystem type, Or libvirt_lxc
>> will fail to start.
>>
>> 2, The cgroup configuration is leaked to the container,
>> even user can change host's cgroup configuration in
>> container.
>>
>> 3, After we enable userns, the cgroupfs is unable to be
>> mounted in uninit-userns.
>>
>> This patch tries to resolve these 3 problem,
>> uses mount --bind to set cgroupfs for container.
>>
>> It means the directory /sys/fs/cgroup/memory/libvirt/lxc/domain
>> of host will be binded to the directory /sys/fs/cgroup/memory of
>> container.
>>
>
> Hi Daniel,
>
> what's your idea about this patch?
>
Ping Again
More information about the libvir-list
mailing list