... and add kmem-tcp to cgroups kmem test.
First, we already have a separate kmem test in cgroups.bats.
Second, making kmem a requirement leads to skipping all the other
test cases in the update.bats test.
Third, kmem limit is being removed from the kernel, so it makes sense
to handle it separately.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Consolidate two implementations of check_cgroup_value()
into one, putting it into helpers.
Remove the first parameter, deducing the variable to get
the path from by the parameter name.
This should help in future cgroupv2 support.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
In some cases, /sys/fs/cgroups is mounted read-only. In rootless
containers we can consider this effectively identical to having cgroups
that we don't have write permission to -- because the user isn't
responsible for the read-only setup and cannot modify it. The rules are
identical to when /sys/fs/cgroups is not writable by the unprivileged
user.
An example of this is the default configuration of Docker, where cgroups
are mounted as read-only as a preventative security measure.
Reported-by: Vladimir Rutsky <rutsky@google.com>
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Signed-off-by: Ed King <eking@pivotal.io>
Signed-off-by: Gabriel Rosenhouse <grosenhouse@pivotal.io>
Signed-off-by: Konstantinos Karampogias <konstantinos.karampogias@swisscom.com>
This fixes all of the tests that were broken as part of the console
rewrite. This includes fixing the integration tests that used TTY
handling inside libcontainer, as well as the bats integration tests that
needed to be rewritten to use recvtty (as they rely on detached
containers that are running).
This patch is part of the console rewrite patchset.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
On older kernels or kernels were CONFIG_MEMCG_KMEM is not set some cgroup tests
cannot be run. We simply test for the existence of the file
"${CGROUP_BASE_PATH}/memory/memory.kmem.limit_in_bytes" which should be
sufficient to conclude that CONFIG_MEMCG_KMEM is not set.
Signed-off-by: Christian Brauner <cbrauner@suse.de>
This makes it much simpler to write tests, and you don't have to worry
about some of the oddness with bats.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Since kernel 4.6, we can update kernel memory without
initialization, because it's accounted by default.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
--root invocations make tests harder to read, and they only serve a very
specific purpose. As such, remove them from the `runc update` tests
because they don't serve a purpose.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
On some systems, the cgroup hierarchies are grouped together
(cpu,cpuacct). In order to avoid fake failures, update the cgroup
parsing to just check whether or not the mountinfo options *contain* the
cgroup type.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Aleksa Sarai
John Hwang
Akihiro Suda
lifubang
Kir Kolyshkin
Will Martin
Andrei Vagin
Zhang Wei
Aleksa Sarai
Christian Brauner
Qiang Huang
Michael Crosby
Kenfe-Mickael Laventure