diff options
| -rwxr-xr-x | lib/container/limit | 208 | ||||
| -rwxr-xr-x | lib/container/start | 96 | ||||
| -rw-r--r-- | share/bash-completion/container | 16 | ||||
| -rw-r--r-- | share/config/container.conf.in | 13 | ||||
| -rw-r--r-- | share/man/container-limit.1.txt | 109 | ||||
| -rw-r--r-- | share/man/container.1.txt | 3 |
6 files changed, 11 insertions, 434 deletions
diff --git a/lib/container/limit b/lib/container/limit deleted file mode 100755 index b1ec170..0000000 --- a/lib/container/limit +++ /dev/null @@ -1,208 +0,0 @@ -#!/bin/sh - -# Copyright (C) 2014-2019 Daniel Baumann <daniel.baumann@open-infrastructure.net> -# -# SPDX-License-Identifier: GPL-3.0+ -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. - -set -e - -PROJECT="open-infrastructure" -PROGRAM="container" -COMMAND="$(basename ${0})" - -HOOKS="/etc/${PROJECT}/${PROGRAM}/hooks" -MACHINES="/var/lib/machines" - -Parameters () -{ - GETOPT_LONGOPTIONS="name:,blockio-device-weight:,blockio-read-bandwidth:,blockio-weight:,blockio-write-bandwidth:,cpu-quota:,cpu-shares:,memory-limit:,tasks-max:," - GETOPT_OPTIONS="n:b:c:m:t:," - - PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${COMMAND} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" - - if [ "${?}" != "0" ] - then - echo "'${COMMAND}': getopt exit" >&2 - exit 1 - fi - - eval set -- "${PARAMETERS}" - - while true - do - case "${1}" in - -n|--name) - NAME="${2}" - shift 2 - ;; - - -c|--cpu-quota) - CPU_QUOTA="${2}" - shift 2 - ;; - - --cpu-shares) - CPU_SHARES="${2}" - shift 2 - ;; - - -m|--memory-limit) - MEMORY_LIMIT="${2}" - shift 2 - ;; - - -t|--tasks-max) - TASKS_MAX="${2}" - shift 2 - ;; - - --blockio-device-weight) - BLOCK_IO_DEVICE_WEIGHT="${2}" - shift 2 - ;; - - --blockio-read-bandwidth) - BLOCK_IO_READ_BANDWIDTH="${2}" - shift 2 - ;; - - -b|--blockio-weight) - BLOCK_IO_WEIGHT="${2}" - shift 2 - ;; - - --blockio-write-bandwidth) - BLOCK_IO_WRITE_BANDWIDTH="${2}" - shift 2 - ;; - - --) - shift 1 - break - ;; - - *) - echo "'${COMMAND}': getopt error" >&2 - exit 1 - ;; - esac - done -} - -Usage () -{ - echo "Usage: ${PROGRAM} ${COMMAND} -n|--name NAME [--blockio-device-weight \"DEVICE WEIGHT\"] [--blockio-read-bandwidth \"DEVICE BYTES\"] [-b|--blockio-weight WEIGHT] [--blockio-write-bandwidth \"DEVICE BYTES\"] [-c|--cpu-quota QUOTA] [--cpu-shares SHARES] [-m|--memory-limit BYTES] [-t|--tasks-max NUMBER]" >&2 - exit 1 -} - -Parameters "${@}" - -if [ -z "${NAME}" ] -then - Usage -fi - -if [ ! -e "${MACHINES}/${NAME}" ] -then - echo "'${NAME}': no such container" >&2 - exit 1 -fi - -STATE="$(machinectl show ${NAME} 2>&1 | awk -F= '/^State=/ { print $2 }')" - -case "${STATE}" in - running) - ;; - - *) - echo "'${NAME}': container is not running" >&2 - exit 1 - ;; -esac - -if [ -n "${BLOCK_IO_DEVICE_WEIGHT}" ] -then - BLOCK_IO_DEVICE_WEIGHT="BlockIODeviceWeight=${BLOCK_IO_DEVICE_WEIGHT}" - SET_PROPERTY="true" -fi - -if [ -n "${BLOCK_IO_READ_BANDWIDTH}" ] -then - BLOCK_IO_READ_BANDWIDTH="BlockIOReadBandwidth=${BLOCK_IO_READ_BANDWIDTH}" - SET_PROPERTY="true" -fi - -if [ -n "${BLOCK_IO_WEIGHT}" ] -then - BLOCK_IO_WEIGHT="BlockIOWeight=${BLOCK_IO_WEIGHT}" - SET_PROPERTY="true" -fi - -if [ -n "${BLOCK_IO_WRITE_BANDWIDTH}" ] -then - BLOCK_IO_WRITE_BANDWIDTH="BlockIOReadBandwidth=${BLOCK_IO_WRITE_BANDWIDTH}" - SET_PROPERTY="true" -fi - -if [ -n "${CPU_QUOTA}" ] -then - CPU_QUOTA="CPUQuota=${CPU_QUOTA}" - SET_PROPERTY="true" -fi - -if [ -n "${CPU_SHARES}" ] -then - CPU_SHARES="CPUShares=${CPU_SHARES}" - SET_PROPERTY="true" -fi - -if [ -n "${MEMORY_LIMIT}" ] -then - MEMORY_LIMIT="MemoryLimit=${MEMORY_LIMIT}" - SET_PROPERTY="true" -fi - -if [ -n "${TASKS_MAX}" ] -then - TASKS_MAX="TasksMax=${TASKS_MAX}" - SET_PROPERTY="true" -fi - -if [ "${SET_PROPERTY}" != "true" ] -then - Usage -fi - -# Pre hooks -for FILE in "${HOOKS}/pre-${COMMAND}".* "${HOOKS}/${NAME}.pre-${COMMAND}" -do - if [ -x "${FILE}" ] - then - "${FILE}" - fi -done - -# Run -systemctl --runtime set-property ${NAME} ${BLOCK_IO_DEVICE_WEIGHT} ${BLOCK_IO_READ_BANDWIDTH} ${BLOCK_IO_WEIGHT} ${BLOCK_IO_WRITE_BANDWIDTH} ${CPU_QUOTA} ${CPU_SHARES} ${MEMORY_LIMIT} ${TASKS_MAX} - -# Post hooks -for FILE in "${HOOKS}/post-${COMMAND}".* "${HOOKS}/${NAME}.post-${COMMAND}" -do - if [ -x "${FILE}" ] - then - "${FILE}" - fi -done diff --git a/lib/container/start b/lib/container/start index a63c861..925749c 100755 --- a/lib/container/start +++ b/lib/container/start @@ -398,70 +398,6 @@ EOF REGISTER="--register=no" ;; esac - - BLOCK_IO_DEVICE_WEIGHT="$(awk -F= '/^BlockIODeviceWeight=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - - if [ -n "${BLOCK_IO_DEVICE_WEIGHT}" ] - then - BLOCK_IO_DEVICE_WEIGHT="BlockIODeviceWeight=${BLOCK_IO_DEVICE_WEIGHT}" - SET_PROPERTY="true" - fi - - BLOCK_IO_READ_BANDWIDTH="$(awk -F= '/^BlockIOReadBandwidth=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - - if [ -n "${BLOCK_IO_READ_BANDWIDTH}" ] - then - BLOCK_IO_READ_BANDWIDTH="BlockIOReadBandwidth=${BLOCK_IO_READ_BANDWIDTH}" - SET_PROPERTY="true" - fi - - BLOCK_IO_WEIGHT="$(awk -F= '/^BlockIOWeight=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - - if [ -n "${BLOCK_IO_WEIGHT}" ] - then - BLOCK_IO_WEIGHT="BlockIOWeight=${BLOCK_IO_WEIGHT}" - SET_PROPERTY="true" - fi - - BLOCK_IO_WRITE_BANDWIDTH="$(awk -F= '/^BlockIOWriteBandwidth=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - - if [ -n "${BLOCK_IO_WRITE_BANDWIDTH}" ] - then - BLOCK_IO_WRITE_BANDWIDTH="BlockIOWriteBandwidth=${BLOCK_IO_WRITE_BANDWIDTH}" - SET_PROPERTY="true" - fi - - CPU_QUOTA="$(awk -F= '/^CPUQuota=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - - if [ -n "${CPU_QUOTA}" ] - then - CPU_QUOTA="CPUQuota=${CPU_QUOTA}" - SET_PROPERTY="true" - fi - - CPU_SHARES="$(awk -F= '/^CPUShares=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - - if [ -n "${CPU_SHARES}" ] - then - CPU_SHARES="CPUShares=${CPU_SHARES}" - SET_PROPERTY="true" - fi - - MEMORY_LIMIT="$(awk -F= '/^MemoryLimit=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - - if [ -n "${MEMORY_LIMIT}" ] - then - MEMORY_LIMIT="MemoryLimit=${MEMORY_LIMIT}" - SET_PROPERTY="true" - fi - - TASKS_MAX="$(awk -F= '/^TasksMax=/ { print $2 }' ${CONFIG}/${NAME}.conf)" - - if [ -n "${TASKS_MAX}" ] - then - TASKS_MAX="TasksMax=${TASKS_MAX}" - SET_PROPERTY="true" - fi fi case "${SYSTEMCTL}" in @@ -472,26 +408,14 @@ case "${SYSTEMCTL}" in ;; esac -case "${START}" in - true) - case "${SET_PROPERTY}" in - true) - systemctl --runtime set-property ${NAME} ${BLOCK_IO_DEVICE_WEIGHT} ${BLOCK_IO_READ_BANDWIDTH} ${BLOCK_IO_WEIGHT} ${BLOCK_IO_WRITE_BANDWIDTH} ${CPU_QUOTA} ${CPU_SHARES} ${MEMORY_LIMIT} ${TASKS_MAX} - ;; - esac - ;; - - *) - # Run - ${SETARCH} systemd-nspawn --keep-unit ${BIND} ${BIND_RO} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} +# Run +${SETARCH} systemd-nspawn --keep-unit ${BIND} ${BIND_RO} ${BOOT} ${CAPABILITY} ${DIRECTORY} ${DROP_CAPABILITY} ${MACHINE} ${NETWORK_VETH_EXTRA} ${LINK_JOURNAL} ${REGISTER} - # Post hooks - for FILE in "${HOOKS}/post-${COMMAND}".* "${HOOKS}/${NAME}.post-${COMMAND}" - do - if [ -x "${FILE}" ] - then - "${FILE}" - fi - done - ;; -esac +# Post hooks +for FILE in "${HOOKS}/post-${COMMAND}".* "${HOOKS}/${NAME}.post-${COMMAND}" +do + if [ -x "${FILE}" ] + then + "${FILE}" + fi +done diff --git a/share/bash-completion/container b/share/bash-completion/container index 65c3950..4bc386a 100644 --- a/share/bash-completion/container +++ b/share/bash-completion/container @@ -98,22 +98,6 @@ _container() esac ;; - limit) - case "${prev}" in - -n|--name) - opts="$(container list -a -f shell)" - COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) - return 0 - ;; - - *) - opts="-n --name --blockio-device-weight --blockio-read-bandwidth -b --blockio-weight --blockio-write-bandwidth -c --cpu-quota --cpu-shares -m --memory-limit -t --tasks-max" - COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) - return 0 - ;; - esac - ;; - list|ls) case "${prev}" in -h|--host) diff --git a/share/config/container.conf.in b/share/config/container.conf.in index ebf91b9..b0f35cb 100644 --- a/share/config/container.conf.in +++ b/share/config/container.conf.in @@ -1,6 +1,5 @@ -# compute-tools: @NAME@ +# /etc/open-infrastructure/container/config/@NAME@.conf -[start] cnt.auto=@CNT_AUTO@ cnt.container-server=@CNT_CONTAINER_SERVER@ cnt.network-bridge=@CNT_NETWORK_BRIDGE@ @@ -16,13 +15,3 @@ machine=@MACHINE@ network-veth-extra=@NETWORK_VETH_EXTRA@ private-users=@PRIVATE_USERS@ register=@REGISTER@ - -[limit] -BlockIODeviceWeight= -BlockIOReadBandwidth= -BlockIOWeight= -BlockIOWriteBandwidth= -CPUQuota= -CPUShares= -MemoryLimit= -TasksMax= diff --git a/share/man/container-limit.1.txt b/share/man/container-limit.1.txt deleted file mode 100644 index 62f0288..0000000 --- a/share/man/container-limit.1.txt +++ /dev/null @@ -1,109 +0,0 @@ -// Copyright (C) 2014-2019 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-LIMIT(1) -================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-limit - Limit ressources of a container - - -SYNOPSIS --------- -*container limit* ['OPTIONS'] - - -DESCRIPTION ------------ -The container limit command limits ressources available to a container at runtime. - - -OPTIONS -------- -The following container options are available: - -*-n, --name='NAME'*:: - Specify container name. - -*--blockio-device-weight='DEVICE WEIGHT'*:: - Specify device specific blockio weight, see systemd.resource-control(5). - -*--blockio-read-bandwidth='DEVICE BYTES'*:: - Specify device specific blockio read bandwidth, see systemd.resource-control(5). - -*-b, --blockio-weight='WEIGHT'*:: - Specify general blockio weight, see systemd.resource-control(5). - -*--blockio-write-bandwidth='DEVICE BYTES'*:: - Specify device specific blockio write bandwidth, see systemd.resource-control(5). - -*-c, --cpu-quota='QUOTA'*:: - Specify CPU quota, see systemd.resource-control(5). - -*--cpu-shares='SHARES'*:: - Specify CPU shares, see systemd.resource-control(5). - -*-m, --memory-limit='BYTES'*:: - Specify memory limit, see systemd.resource-control(5). - -*-t, --tasks-max='NUMBER'*:: - Specify tasks max, see systemd.resource-control(5). - - -EXAMPLES --------- -*Set blockio weight for the example.net container:*:: - sudo container limit -n example.net --blockio-weight 100 - -*Set CPU quota for the example.net container:*:: - sudo container limit -n example.net --cpu-quota 10% - -*Set memory limit for the example.net container to 1GB:*:: - sudo container limit -n example.net --memory-limit 1G - -*Set tasks max for the example.net container to 100:*:: - sudo container limit -n example.net --tasks-max 100 - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container.1.txt b/share/man/container.1.txt index 87232d0..224d6cc 100644 --- a/share/man/container.1.txt +++ b/share/man/container.1.txt @@ -75,9 +75,6 @@ The following container commands are available: *enter*:: Enter a container namespace, see container-enter(1). -*limit*:: - Limit ressources of a container, see container-limit(1). - *list*:: List container on the system, see container-list(1). |