mirror of
https://github.com/OpenNebula/one.git
synced 2025-01-08 21:17:43 +03:00
F #4089: add CPU limitations
This commit is contained in:
parent
48216ca955
commit
6e5ffdeb24
@ -2,7 +2,7 @@ Defaults:oneadmin !requiretty
|
||||
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
|
||||
|
||||
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
|
||||
Cmnd_Alias ONE_FIRECRACKER = /usr/bin/jailer, /usr/bin/mount, /usr/sbin/one-clean-firecracker-domain
|
||||
Cmnd_Alias ONE_FIRECRACKER = /usr/bin/jailer, /usr/bin/mount, /usr/sbin/one-clean-firecracker-domain, /usr/sbin/one-prepare-firecracker-domain
|
||||
Cmnd_Alias ONE_HA = /usr/bin/systemctl start opennebula-flow, /usr/bin/systemctl stop opennebula-flow, /usr/bin/systemctl start opennebula-gate, /usr/bin/systemctl stop opennebula-gate, /usr/bin/systemctl start opennebula-hem, /usr/bin/systemctl stop opennebula-hem, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop, /usr/sbin/service opennebula-hem start, /usr/sbin/service opennebula-hem stop, /usr/sbin/arping, /usr/sbin/ip address *
|
||||
Cmnd_Alias ONE_LVM = /usr/sbin/lvcreate, /usr/sbin/lvremove, /usr/sbin/lvs, /usr/sbin/vgdisplay, /usr/sbin/lvchange, /usr/sbin/lvscan, /usr/sbin/lvextend
|
||||
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh, /usr/lib/one/sh/create_docker_image.sh
|
||||
|
@ -2,7 +2,7 @@ Defaults:oneadmin !requiretty
|
||||
Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
|
||||
|
||||
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
|
||||
Cmnd_Alias ONE_FIRECRACKER = /usr/bin/jailer, /bin/mount, /usr/sbin/one-clean-firecracker-domain
|
||||
Cmnd_Alias ONE_FIRECRACKER = /usr/bin/jailer, /bin/mount, /usr/sbin/one-clean-firecracker-domain, /usr/sbin/one-prepare-firecracker-domain
|
||||
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /bin/systemctl start opennebula-hem, /bin/systemctl stop opennebula-hem, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop, /usr/sbin/service opennebula-hem start, /usr/sbin/service opennebula-hem stop, /usr/bin/arping, /sbin/ip address *
|
||||
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
|
||||
Cmnd_Alias ONE_LXD = /snap/bin/lxc, /usr/bin/catfstab, /bin/mount, /bin/umount, /bin/mkdir, /bin/lsblk, /sbin/losetup, /sbin/kpartx, /usr/bin/qemu-nbd, /sbin/blkid, /sbin/e2fsck, /sbin/resize2fs, /usr/sbin/xfs_growfs, /usr/bin/rbd-nbd, /usr/sbin/xfs_admin, /sbin/tune2fs
|
||||
|
@ -62,7 +62,8 @@ class Sudoers
|
||||
#{lib_location}/sh/create_docker_image.sh ],
|
||||
:FIRECRACKER => %w[/usr/bin/jailer
|
||||
mount
|
||||
/usr/sbin/one-clean-firecracker-domain]
|
||||
/usr/sbin/one-clean-firecracker-domain
|
||||
/usr/sbin/one-prepare-firecracker-domain]
|
||||
}
|
||||
end
|
||||
|
||||
|
@ -54,8 +54,6 @@ end
|
||||
|
||||
# Start VNC (only started if necessary)
|
||||
microvm.vnc('start')
|
||||
# Set cpu.shares (only if configured)
|
||||
microvm.set_cpu_limit
|
||||
|
||||
# Set deploy_id
|
||||
puts "one-#{vm_id}"
|
||||
|
@ -32,7 +32,8 @@ class MicroVM
|
||||
#---------------------------------------------------------------------------
|
||||
COMMANDS = {
|
||||
:clean => 'sudo -n /usr/sbin/one-clean-firecracker-domain',
|
||||
:map_context => '/var/tmp/one/vmm/firecracker/map_context'
|
||||
:map_context => '/var/tmp/one/vmm/firecracker/map_context',
|
||||
:preapre_domain => 'sudo -n /usr/sbin/one-prepare-firecracker-domain'
|
||||
}
|
||||
|
||||
#---------------------------------------------------------------------------
|
||||
@ -91,15 +92,6 @@ class MicroVM
|
||||
"#{@one.sysds_path}/#{@one.vm_id}"
|
||||
end
|
||||
|
||||
def map_chroot_path
|
||||
rc = Command.execute_rc_log("mkdir -p #{@rootfs_dir}")
|
||||
|
||||
return false unless rc
|
||||
|
||||
# TODO, add option for hard links
|
||||
Command.execute_rc_log("sudo -n mount -o bind #{@one.sysds_path}/#{@one.vm_id} #{@rootfs_dir}")
|
||||
end
|
||||
|
||||
def get_pid
|
||||
rc, stdout, = Command.execute('ps auxwww | grep ' \
|
||||
"\"^.*firecracker.*--id['\\\"=[[:space:]]]*#{@one.vm_name}\" " \
|
||||
@ -151,6 +143,9 @@ class MicroVM
|
||||
def cpu_shares(cpu)
|
||||
# default value for cpu.shares
|
||||
default_value = 1024
|
||||
shares_enabled = @one.fcrc[:cgroup_cpu_shares].downcase == 'true'
|
||||
|
||||
return default_value if !shares_enabled || cpu.nil? || cpu == ''
|
||||
|
||||
shares_val = (cpu * default_value).round
|
||||
|
||||
@ -160,6 +155,18 @@ class MicroVM
|
||||
shares_val
|
||||
end
|
||||
|
||||
def preapre_domain
|
||||
cgroup_path = @one.fcrc[:cgroup_location]
|
||||
cpu_val = cpu_shares(@one.get_cpu)
|
||||
|
||||
params = "-c #{cgroup_path} -p #{cpu_val} -s #{@one.sysds_path}"\
|
||||
" -v #{@one.vm_id}"
|
||||
|
||||
cmd = "#{COMMANDS[:preapre_domain]} #{params}"
|
||||
|
||||
Command.execute_rc_log(cmd)
|
||||
end
|
||||
|
||||
#---------------------------------------------------------------------------
|
||||
# VNC
|
||||
#---------------------------------------------------------------------------
|
||||
@ -222,7 +229,7 @@ class MicroVM
|
||||
cmd << " --#{key} #{val}"
|
||||
end
|
||||
|
||||
return false unless map_chroot_path
|
||||
return false unless preapre_domain
|
||||
|
||||
return false unless map_context
|
||||
|
||||
@ -265,14 +272,4 @@ class MicroVM
|
||||
# rubocop:enable Naming/AccessorMethodName
|
||||
# rubocop:enable Layout/LineLength
|
||||
|
||||
def set_cpu_limit
|
||||
return unless @one.fcrc[:cgroup_cpu_shares]
|
||||
|
||||
shares_location = "#{@one.fcrc[:cgroup_location]}/cpu/" \
|
||||
"firecracker/one-#{@one.vm_id}/cpu.shares"
|
||||
|
||||
cmd = "echo #{cpu_shares(@one.get_cpu)} > #{shares_location}"
|
||||
`echo "AAA#{Command.execute_once(cmd, false)}" > /tmp/a`
|
||||
end
|
||||
|
||||
end
|
||||
|
70
src/vmm_mad/remotes/lib/firecracker/one-prepare-firecracker-domain
Executable file
70
src/vmm_mad/remotes/lib/firecracker/one-prepare-firecracker-domain
Executable file
@ -0,0 +1,70 @@
|
||||
#!/bin/bash
|
||||
|
||||
# -------------------------------------------------------------------------- #
|
||||
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
|
||||
# #
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
||||
# not use this file except in compliance with the License. You may obtain #
|
||||
# a copy of the License at #
|
||||
# #
|
||||
# http://www.apache.org/licenses/LICENSE-2.0 #
|
||||
# #
|
||||
# Unless required by applicable law or agreed to in writing, software #
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, #
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
|
||||
# See the License for the specific language governing permissions and #
|
||||
# limitations under the License. #
|
||||
#--------------------------------------------------------------------------- #
|
||||
|
||||
# exit when any command fails
|
||||
set -e
|
||||
|
||||
CGROUP_PATH=""
|
||||
CPU_VAL=""
|
||||
SYSDS_PATH=""
|
||||
VM_ID=""
|
||||
|
||||
while getopts ":c:p:s:v:" opt; do
|
||||
case $opt in
|
||||
c) CGROUP_PATH="$OPTARG" ;; # root of cgroup FS
|
||||
p) CPU_VAL="$OPTARG" ;; # cpu.shares value
|
||||
s) SYSDS_PATH="$OPTARG" ;; # system datastore path
|
||||
v) VM_ID="$OPTARG" ;; # VM id
|
||||
esac
|
||||
done
|
||||
|
||||
# Check $CGROUP_PATH is an existing directory
|
||||
if [ ! -d "$CGROUP_PATH" ]; then
|
||||
exit -1
|
||||
fi
|
||||
|
||||
# Check $SYSDS_PATH is an existing directory
|
||||
if [ ! -d "$SYSDS_PATH" ]; then
|
||||
exit -1
|
||||
fi
|
||||
|
||||
regex_num='^[0-9]+$'
|
||||
|
||||
# Check $VM_ID is an integer
|
||||
if ! [[ "$VM_ID" =~ $regex_num ]]; then
|
||||
exit -1
|
||||
fi
|
||||
|
||||
# Check $CPU_VAL is an integer
|
||||
if ! [[ "$CPU_VAL" =~ $regex_num ]]; then
|
||||
exit -1
|
||||
fi
|
||||
|
||||
###############################################################################
|
||||
# Map the jailer chroot path to the OpenNebula VM location
|
||||
###############################################################################
|
||||
ROOTFS_PATH="/srv/jailer/firecracker/one-$VM_ID/root"
|
||||
mkdir -p "$ROOTFS_PATH"
|
||||
mount -o bind "$SYSDS_PATH/$VM_ID" "$ROOTFS_PATH"
|
||||
|
||||
###############################################################################
|
||||
# Set cpu.shares value to restrict cpu usage
|
||||
###############################################################################
|
||||
mkdir "$CGROUP_PATH/cpu/firecracker/one-$VM_ID"
|
||||
echo "$CPU_VAL" > "$CGROUP_PATH/cpu/firecracker/one-$VM_ID/cpu.shares"
|
||||
|
Loading…
Reference in New Issue
Block a user