mirror of
https://github.com/systemd/systemd.git
synced 2024-10-27 18:55:40 +03:00
c52db42b78
In cgroup v2 we have protection tunables -- currently MemoryLow and MemoryMin (there will be more in future for other resources, too). The design of these protection tunables requires not only intermediate cgroups to propagate protections, but also the units at the leaf of that resource's operation to accept it (by setting MemoryLow or MemoryMin). This makes sense from an low-level API design perspective, but it's a good idea to also have a higher-level abstraction that can, by default, propagate these resources to children recursively. In this patch, this happens by having descendants set memory.low to N if their ancestor has DefaultMemoryLow=N -- assuming they don't set a separate MemoryLow value. Any affected unit can opt out of this propagation by manually setting `MemoryLow` to some value in its unit configuration. A unit can also stop further propagation by setting `DefaultMemoryLow=` with no argument. This removes further propagation in the subtree, but has no effect on the unit itself (for that, use `MemoryLow=0`). Our use case in production is simplifying the configuration of machines which heavily rely on memory protection tunables, but currently require tweaking a huge number of unit files to make that a reality. This directive makes that significantly less fragile, and decreases the risk of misconfiguration. After this patch is merged, I will implement DefaultMemoryMin= using the same principles. |
||
---|---|---|
.. | ||
fuzz | ||
hwdb | ||
journal-data | ||
loopy.service.d | ||
mocks | ||
TEST-01-BASIC | ||
TEST-02-CRYPTSETUP | ||
TEST-03-JOBS | ||
TEST-04-JOURNAL | ||
TEST-05-RLIMITS | ||
TEST-06-SELINUX | ||
TEST-07-ISSUE-1981 | ||
TEST-08-ISSUE-2730 | ||
TEST-09-ISSUE-2691 | ||
TEST-10-ISSUE-2467 | ||
TEST-11-ISSUE-3166 | ||
TEST-12-ISSUE-3171 | ||
TEST-13-NSPAWN-SMOKE | ||
TEST-14-MACHINE-ID | ||
TEST-15-DROPIN | ||
TEST-16-EXTEND-TIMEOUT | ||
TEST-17-UDEV-WANTS | ||
TEST-18-FAILUREACTION | ||
TEST-19-DELEGATE | ||
TEST-20-MAINPIDGAMES | ||
TEST-21-SYSUSERS | ||
TEST-22-TMPFILES | ||
TEST-23-TYPE-EXEC | ||
TEST-24-UNIT-TESTS | ||
TEST-25-IMPORT | ||
TEST-26-SETENV | ||
TEST-27-STDOUTFILE | ||
TEST-28-PERCENTJ-WANTEDBY | ||
TEST-29-UDEV-ID_RENAMING | ||
TEST-30-ONCLOCKCHANGE | ||
TEST-31-DEVICE-ENUMERATION | ||
TEST-31-OOMPOLICY | ||
test-execute | ||
test-network | ||
test-path | ||
test-resolve | ||
test-umount | ||
unit-.service.d | ||
unit-with-.service.d | ||
unit-with-multiple-.service.d | ||
unit-with-multiple-dashes.service.d | ||
.gitignore | ||
a.service | ||
b.service | ||
basic.target | ||
c.service | ||
create-sys-script.py | ||
d.service | ||
daughter.service | ||
dml-discard-empty.service | ||
dml-discard-set-ml.service | ||
dml-discard.slice | ||
dml-override-empty.service | ||
dml-override.slice | ||
dml-passthrough-empty.service | ||
dml-passthrough-set-dml.service | ||
dml-passthrough-set-ml.service | ||
dml-passthrough.slice | ||
dml.slice | ||
e.service | ||
end.service | ||
f.service | ||
g.service | ||
grandchild.service | ||
h.service | ||
hello-after-sleep.target | ||
hello.service | ||
hwdb-test.sh | ||
loopy2.service | ||
loopy3.service | ||
loopy4.service | ||
loopy.service | ||
meson.build | ||
mkosi.build.networkd-test | ||
mkosi.default.networkd-test | ||
mkosi.nspawn.networkd-test | ||
networkd-test.py | ||
nomem.slice | ||
nomemleaf.service | ||
parent-deep.slice | ||
parent.slice | ||
README.testsuite | ||
rule-syntax-check.py | ||
run-integration-tests.sh | ||
run-unit-tests.py | ||
sched_idle_bad.service | ||
sched_idle_ok.service | ||
sched_rr_bad.service | ||
sched_rr_change.service | ||
sched_rr_ok.service | ||
shutdown.target | ||
sleep.service | ||
sockets.target | ||
son.service | ||
splash.bmp | ||
sys-script.py | ||
sysinit.target | ||
sysv-generator-test.py | ||
test-efi-create-disk.sh | ||
test-exec-deserialization.py | ||
test-functions | ||
testsuite.target | ||
timers.target | ||
udev-test.pl | ||
unit-with-multiple-dashes.service | ||
unstoppable.service |
The extended testsuite only works with UID=0. It contains of several subdirectories named "test/TEST-??-*", which are run one by one. To run the extended testsuite do the following: $ ninja -C build # Avoid building anything as root later $ sudo test/run-integration-tests.sh ninja: Entering directory `/home/zbyszek/src/systemd/build' ninja: no work to do. --x-- Running TEST-01-BASIC --x-- + make -C TEST-01-BASIC BUILD_DIR=/home/zbyszek/src/systemd/build clean setup run make: Entering directory '/home/zbyszek/src/systemd/test/TEST-01-BASIC' TEST CLEANUP: Basic systemd setup TEST SETUP: Basic systemd setup ... TEST RUN: Basic systemd setup [OK] make: Leaving directory '/home/zbyszek/src/systemd/test/TEST-01-BASIC' --x-- Result of TEST-01-BASIC: 0 --x-- --x-- Running TEST-02-CRYPTSETUP --x-- + make -C TEST-02-CRYPTSETUP BUILD_DIR=/home/zbyszek/src/systemd/build clean setup run If one of the tests fails, then $subdir/test.log contains the log file of the test. To run just one of the cases: $ sudo make -C test/TEST-01-BASIC clean setup run Specifying the build directory ============================== If the build directory is not detected automatically, it can be specified with BUILD_DIR=: $ sudo BUILD_DIR=some-other-build/ test/run-integration-tests or $ sudo make -C test/TEST-01-BASIC BUILD_DIR=../../some-other-build/ ... Note that in the second case, the path is relative to the test case directory. An absolute path may also be used in both cases. Configuration variables ======================= TEST_NO_QEMU=1 Don't run tests under QEMU TEST_NO_NSPAWN=1 Don't run tests under systemd-nspawn TEST_NO_KVM=1 Disable QEMU KVM autodetection (may be necessary when you're trying to run the *vanilla* QEMU and have both qemu and qemu-kvm installed) QEMU_MEM=512M Configure amount of memory for QEMU VMs (defaults to 512M) QEMU_SMP=1 Configure number of CPUs for QEMU VMs (defaults to 1) KERNEL_APPEND='...' Append additional parameters to the kernel command line NSPAWN_ARGUMENTS='...' Specify additional arguments for systemd-nspawn QEMU_TIMEOUT=infinity Set a timeout for tests under QEMU (defaults to infinity) NSPAWN_TIMEOUT=infinity Set a timeout for tests under systemd-nspawn (defaults to infinity) INTERACTIVE_DEBUG=1 Configure the machine to be more *user-friendly* for interactive debuggung (e.g. by setting a usable default terminal, suppressing the shutdown after the test, etc.) The kernel and initramfs can be specified with $KERNEL_BIN and $INITRD. (Fedora's or Debian's default kernel path and initramfs are used by default) A script will try to find your QEMU binary. If you want to specify a different one with $QEMU_BIN. Debugging the qemu image ======================== If you want to log in the testsuite virtual machine, you can specify additional kernel command line parameter with $KERNEL_APPEND and then log in as root. $ sudo make -C test/TEST-01-BASIC KERNEL_APPEND="systemd.unit=multi-user.target" run Root password is empty.