Browse code
Adding '--cgroup-parent' flag to docker run. This feature helps users implement more complex resource isolation policies on top of what native docker provides.
Docker-DCO-1.1-Signed-off-by: Vishnu Kannan <vishnuk@google.com> (github: vishh)
Vishnu Kannan authored on 2015/03/17 07:42:15Showing 4 changed files
| ... | ... |
@@ -164,6 +164,7 @@ type Command struct {
|
| 164 | 164 |
MountLabel string `json:"mount_label"` |
| 165 | 165 |
LxcConfig []string `json:"lxc_config"` |
| 166 | 166 |
AppArmorProfile string `json:"apparmor_profile"` |
| 167 |
+ CgroupParent string `json:"cgroup_parent"` // The parent cgroup for this command. |
|
| 167 | 168 |
} |
| 168 | 169 |
|
| 169 | 170 |
func InitContainer(c *Command) *configs.Config {
|
| ... | ... |
@@ -179,6 +180,11 @@ func InitContainer(c *Command) *configs.Config {
|
| 179 | 179 |
|
| 180 | 180 |
// check to see if we are running in ramdisk to disable pivot root |
| 181 | 181 |
container.NoPivotRoot = os.Getenv("DOCKER_RAMDISK") != ""
|
| 182 |
+ |
|
| 183 |
+ // Default parent cgroup is "docker". Override if required. |
|
| 184 |
+ if c.CgroupParent != "" {
|
|
| 185 |
+ container.Cgroups.Parent = c.CgroupParent |
|
| 186 |
+ } |
|
| 182 | 187 |
return container |
| 183 | 188 |
} |
| 184 | 189 |
|
| ... | ... |
@@ -131,6 +131,7 @@ type HostConfig struct {
|
| 131 | 131 |
ReadonlyRootfs bool |
| 132 | 132 |
Ulimits []*ulimit.Ulimit |
| 133 | 133 |
LogConfig LogConfig |
| 134 |
+ CgroupParent string // Parent cgroup. |
|
| 134 | 135 |
} |
| 135 | 136 |
|
| 136 | 137 |
// This is used by the create command when you want to set both the |
| ... | ... |
@@ -182,6 +183,7 @@ func ContainerHostConfigFromJob(job *engine.Job) *HostConfig {
|
| 182 | 182 |
IpcMode: IpcMode(job.Getenv("IpcMode")),
|
| 183 | 183 |
PidMode: PidMode(job.Getenv("PidMode")),
|
| 184 | 184 |
ReadonlyRootfs: job.GetenvBool("ReadonlyRootfs"),
|
| 185 |
+ CgroupParent: job.Getenv("CgroupParent"),
|
|
| 185 | 186 |
} |
| 186 | 187 |
|
| 187 | 188 |
// FIXME: This is for backward compatibility, if people use `Cpuset` |
| ... | ... |
@@ -71,6 +71,7 @@ func Parse(cmd *flag.FlagSet, args []string) (*Config, *HostConfig, *flag.FlagSe |
| 71 | 71 |
flRestartPolicy = cmd.String([]string{"-restart"}, "no", "Restart policy to apply when a container exits")
|
| 72 | 72 |
flReadonlyRootfs = cmd.Bool([]string{"-read-only"}, false, "Mount the container's root filesystem as read only")
|
| 73 | 73 |
flLoggingDriver = cmd.String([]string{"-log-driver"}, "", "Logging driver for container")
|
| 74 |
+ flCgroupParent = cmd.String([]string{"-cgroup-parent"}, "", "Optional parent cgroup for the container")
|
|
| 74 | 75 |
) |
| 75 | 76 |
|
| 76 | 77 |
cmd.Var(&flAttach, []string{"a", "-attach"}, "Attach to STDIN, STDOUT or STDERR")
|
| ... | ... |
@@ -332,6 +333,7 @@ func Parse(cmd *flag.FlagSet, args []string) (*Config, *HostConfig, *flag.FlagSe |
| 332 | 332 |
ReadonlyRootfs: *flReadonlyRootfs, |
| 333 | 333 |
Ulimits: flUlimits.GetList(), |
| 334 | 334 |
LogConfig: LogConfig{Type: *flLoggingDriver},
|
| 335 |
+ CgroupParent: *flCgroupParent, |
|
| 335 | 336 |
} |
| 336 | 337 |
|
| 337 | 338 |
// When allocating stdin in attached mode, close stdin at client disconnect |