diff --git a/pkg/drivers/kic/oci/cgroups_linux.go b/pkg/drivers/kic/oci/cgroups_linux.go new file mode 100644 index 0000000000000000000000000000000000000000..c56251fa18d85637f1799400bf653f633fed3595 --- /dev/null +++ b/pkg/drivers/kic/oci/cgroups_linux.go @@ -0,0 +1,34 @@ +// +build linux + +/* +Copyright 2021 The Kubernetes Authors All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package oci + +import ( + "syscall" + + "golang.org/x/sys/unix" +) + +// IsCgroup2UnifiedMode returns whether we are running in cgroup 2 cgroup2 mode. +func IsCgroup2UnifiedMode() (bool, error) { + var st syscall.Statfs_t + if err := syscall.Statfs("/sys/fs/cgroup", &st); err != nil { + return false, err + } + return st.Type == unix.CGROUP2_SUPER_MAGIC, nil +} diff --git a/pkg/drivers/kic/oci/cgroups_other.go b/pkg/drivers/kic/oci/cgroups_other.go new file mode 100644 index 0000000000000000000000000000000000000000..7d91d8d2c345b7c86c54d23895aed5f954e85c55 --- /dev/null +++ b/pkg/drivers/kic/oci/cgroups_other.go @@ -0,0 +1,30 @@ +// +build !linux + +/* +Copyright 2021 The Kubernetes Authors All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package oci + +import ( + "runtime" + + "github.com/pkg/errors" +) + +// IsCgroup2UnifiedMode returns whether we are running in cgroup 2 cgroup2 mode. +func IsCgroup2UnifiedMode() (bool, error) { + return false, errors.Errorf("Not supported on %s", runtime.GOOS) +} diff --git a/pkg/drivers/kic/oci/oci.go b/pkg/drivers/kic/oci/oci.go index 3acecaba70c21088889c79dcc256457ffd36b65d..4993ddcd4c67ba71dc5aca2d8ee5ea85bb99e7dc 100644 --- a/pkg/drivers/kic/oci/oci.go +++ b/pkg/drivers/kic/oci/oci.go @@ -107,6 +107,24 @@ func PrepareContainerNode(p CreateParams) error { return nil } +func hasMemorySwapCgroup() bool { + memcgSwap := true + if runtime.GOOS == "linux" { + var memoryswap string + if cgroup2, err := IsCgroup2UnifiedMode(); err == nil && cgroup2 { + memoryswap = "/sys/fs/cgroup/memory/memory.swap.max" + } else { + memoryswap = "/sys/fs/cgroup/memory/memsw.limit_in_bytes" + } + if _, err := os.Stat(memoryswap); os.IsNotExist(err) { + // requires CONFIG_MEMCG_SWAP_ENABLED or cgroup_enable=memory in grub + klog.Warning("Your kernel does not support swap limit capabilities or the cgroup is not mounted.") + memcgSwap = false + } + } + return memcgSwap +} + // CreateContainerNode creates a new container node func CreateContainerNode(p CreateParams) error { // on windows os, if docker desktop is using Windows Containers. Exit early with error @@ -152,14 +170,7 @@ func CreateContainerNode(p CreateParams) error { runArgs = append(runArgs, "--ip", p.IP) } - memcgSwap := true - if runtime.GOOS == "linux" { - if _, err := os.Stat("/sys/fs/cgroup/memory/memsw.limit_in_bytes"); os.IsNotExist(err) { - // requires CONFIG_MEMCG_SWAP_ENABLED or cgroup_enable=memory in grub - klog.Warning("Your kernel does not support swap limit capabilities or the cgroup is not mounted.") - memcgSwap = false - } - } + memcgSwap := hasMemorySwapCgroup() // https://www.freedesktop.org/wiki/Software/systemd/ContainerInterface/ var virtualization string