File 0002-Remove-handler-cgroup-pkg-dep-in-virt-chroot.patch of Package kubevirt.37121
From 26747c7559f68f96913f344c3b529504eb3bfeb8 Mon Sep 17 00:00:00 2001
From: Alex Kalenyuk <akalenyu@redhat.com>
Date: Tue, 20 Aug 2024 22:40:52 +0300
Subject: [PATCH] Remove handler cgroup pkg dep in virt-chroot
After some investigations, it seems like bringing in the handler cgroup pkg causes some
"cannot allocate memory" errors when invoking virt-chroot.
The investigation is still ongoing (one of it's deps messing with rlimits?)
but there really is no need to bloat this binary with the entire package
just for a few strings.
The error can be replicated prior to this commit with
```bash
cd cmd/virt-chroot
go build
for i in {1..100}; do sudo ./virt-chroot --user qemu --memory 1000000000 --cpu 10 --mount /proc/1/ns/mnt exec -- /usr/bin/echo "he"; done
```
And the diff between the builds is quite significant
```bash
$ go version -m virt-chroot | grep dep | wc -l
83
$ go version -m virt-chroot | grep dep | wc -l
18
```
Signed-off-by: Alex Kalenyuk <akalenyu@redhat.com>
---
cmd/virt-chroot/BUILD.bazel | 2 +-
cmd/virt-chroot/cgroup.go | 6 +++---
pkg/virt-handler/cgroup/BUILD.bazel | 1 +
pkg/virt-handler/cgroup/cgroup.go | 11 ++++++-----
pkg/virt-handler/cgroup/cgroup_v1_manager.go | 5 +++--
pkg/virt-handler/cgroup/constants/BUILD.bazel | 8 ++++++++
pkg/virt-handler/cgroup/constants/constants.go | 9 +++++++++
pkg/virt-handler/cgroup/util.go | 10 ----------
8 files changed, 31 insertions(+), 21 deletions(-)
create mode 100644 pkg/virt-handler/cgroup/constants/BUILD.bazel
create mode 100644 pkg/virt-handler/cgroup/constants/constants.go
diff --git a/cmd/virt-chroot/BUILD.bazel b/cmd/virt-chroot/BUILD.bazel
index fd26041a0..619aac390 100644
--- a/cmd/virt-chroot/BUILD.bazel
+++ b/cmd/virt-chroot/BUILD.bazel
@@ -13,7 +13,7 @@ go_library(
visibility = ["//visibility:private"],
deps = [
"//pkg/safepath:go_default_library",
- "//pkg/virt-handler/cgroup:go_default_library",
+ "//pkg/virt-handler/cgroup/constants:go_default_library",
"//vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs:go_default_library",
"//vendor/github.com/opencontainers/runc/libcontainer/cgroups/fs2:go_default_library",
"//vendor/github.com/opencontainers/runc/libcontainer/configs:go_default_library",
diff --git a/cmd/virt-chroot/cgroup.go b/cmd/virt-chroot/cgroup.go
index 034c35229..d36c2bbac 100644
--- a/cmd/virt-chroot/cgroup.go
+++ b/cmd/virt-chroot/cgroup.go
@@ -12,7 +12,7 @@ import (
runc_fs2 "github.com/opencontainers/runc/libcontainer/cgroups/fs2"
runc_configs "github.com/opencontainers/runc/libcontainer/configs"
- "kubevirt.io/kubevirt/pkg/virt-handler/cgroup"
+ cgroupconsts "kubevirt.io/kubevirt/pkg/virt-handler/cgroup/constants"
)
func decodeResources(marshalledResourcesHash string) (*runc_configs.Resources, error) {
@@ -53,7 +53,7 @@ func decodePaths(marshalledPathsHash string) (map[string]string, error) {
func setCgroupResources(paths map[string]string, resources *runc_configs.Resources, isRootless bool, isV2 bool) error {
config := &runc_configs.Cgroup{
- Path: cgroup.HostCgroupBasePath,
+ Path: cgroupconsts.HostCgroupBasePath,
Resources: resources,
Rootless: isRootless,
}
@@ -74,7 +74,7 @@ func setCgroupResources(paths map[string]string, resources *runc_configs.Resourc
}
func setCgroupResourcesV1(paths map[string]string, resources *runc_configs.Resources, config *runc_configs.Cgroup) error {
- return RunWithChroot(cgroup.HostCgroupBasePath, func() error {
+ return RunWithChroot(cgroupconsts.HostCgroupBasePath, func() error {
cgroupManager, err := runc_fs.NewManager(config, paths)
if err != nil {
return fmt.Errorf("cannot create cgroups v1 manager. err: %v", err)
diff --git a/pkg/virt-handler/cgroup/BUILD.bazel b/pkg/virt-handler/cgroup/BUILD.bazel
index 6480a1ecc..39687c136 100644
--- a/pkg/virt-handler/cgroup/BUILD.bazel
+++ b/pkg/virt-handler/cgroup/BUILD.bazel
@@ -14,6 +14,7 @@ go_library(
deps = [
"//pkg/safepath:go_default_library",
"//pkg/util:go_default_library",
+ "//pkg/virt-handler/cgroup/constants:go_default_library",
"//pkg/virt-handler/isolation:go_default_library",
"//staging/src/kubevirt.io/api/core/v1:go_default_library",
"//staging/src/kubevirt.io/client-go/log:go_default_library",
diff --git a/pkg/virt-handler/cgroup/cgroup.go b/pkg/virt-handler/cgroup/cgroup.go
index d881458cc..b22c4239e 100644
--- a/pkg/virt-handler/cgroup/cgroup.go
+++ b/pkg/virt-handler/cgroup/cgroup.go
@@ -35,6 +35,7 @@ import (
v1 "kubevirt.io/api/core/v1"
virtutil "kubevirt.io/kubevirt/pkg/util"
+ cgroupconsts "kubevirt.io/kubevirt/pkg/virt-handler/cgroup/constants"
"kubevirt.io/kubevirt/pkg/virt-handler/isolation"
)
@@ -96,14 +97,14 @@ func newManagerFromPid(pid int, deviceRules []*devices.Rule) (manager Manager, e
const isRootless = false
var version CgroupVersion
- procCgroupBasePath := filepath.Join(procMountPoint, strconv.Itoa(pid), cgroupStr)
+ procCgroupBasePath := filepath.Join(cgroupconsts.ProcMountPoint, strconv.Itoa(pid), cgroupconsts.CgroupStr)
controllerPaths, err := runc_cgroups.ParseCgroupFile(procCgroupBasePath)
if err != nil {
return nil, fmt.Errorf("cannot initialize new cgroup manager. err: %v", err)
}
config := &configs.Cgroup{
- Path: HostCgroupBasePath,
+ Path: cgroupconsts.HostCgroupBasePath,
Resources: &configs.Resources{
Devices: deviceRules,
},
@@ -112,7 +113,7 @@ func newManagerFromPid(pid int, deviceRules []*devices.Rule) (manager Manager, e
if runc_cgroups.IsCgroup2UnifiedMode() {
version = V2
- slicePath := filepath.Join(cgroupBasePath, controllerPaths[""])
+ slicePath := filepath.Join(cgroupconsts.CgroupBasePath, controllerPaths[""])
slicePath = managerPath(slicePath)
manager, err = newV2Manager(config, slicePath)
} else {
@@ -154,9 +155,9 @@ func NewManagerFromVM(vmi *v1.VirtualMachineInstance) (Manager, error) {
// GetGlobalCpuSetPath returns the CPU set of the main cgroup slice
func GetGlobalCpuSetPath() string {
if runc_cgroups.IsCgroup2UnifiedMode() {
- return filepath.Join(cgroupBasePath, "cpuset.cpus.effective")
+ return filepath.Join(cgroupconsts.CgroupBasePath, "cpuset.cpus.effective")
}
- return filepath.Join(cgroupBasePath, "cpuset", "cpuset.cpus")
+ return filepath.Join(cgroupconsts.CgroupBasePath, "cpuset", "cpuset.cpus")
}
func getCpuSetPath(manager Manager, cpusetFile string) (string, error) {
diff --git a/pkg/virt-handler/cgroup/cgroup_v1_manager.go b/pkg/virt-handler/cgroup/cgroup_v1_manager.go
index 073d7a820..b54404d59 100644
--- a/pkg/virt-handler/cgroup/cgroup_v1_manager.go
+++ b/pkg/virt-handler/cgroup/cgroup_v1_manager.go
@@ -19,6 +19,7 @@ import (
runc_configs "github.com/opencontainers/runc/libcontainer/configs"
"kubevirt.io/kubevirt/pkg/util"
+ cgroupconsts "kubevirt.io/kubevirt/pkg/virt-handler/cgroup/constants"
)
type v1Manager struct {
@@ -55,7 +56,7 @@ func (v *v1Manager) GetBasePathToHostSubsystem(subsystem string) (string, error)
if subsystemPath == "" {
return "", fmt.Errorf("controller %s does not exist", subsystem)
}
- return filepath.Join(HostCgroupBasePath, subsystemPath), nil
+ return filepath.Join(cgroupconsts.HostCgroupBasePath, subsystemPath), nil
}
func (v *v1Manager) Set(r *runc_configs.Resources) error {
@@ -92,7 +93,7 @@ func getCurrentlyDefinedRules(runcManager runc_cgroups.Manager) ([]*devices.Rule
if !ok {
return nil, fmt.Errorf("devices subsystem's path is not defined for this manager")
}
- devicesPath = filepath.Join(HostCgroupBasePath, devicesPath)
+ devicesPath = filepath.Join(cgroupconsts.HostCgroupBasePath, devicesPath)
currentRulesStr, err := runc_cgroups.ReadFile(devicesPath, "devices.list")
if err != nil {
diff --git a/pkg/virt-handler/cgroup/constants/BUILD.bazel b/pkg/virt-handler/cgroup/constants/BUILD.bazel
new file mode 100644
index 000000000..8bd593534
--- /dev/null
+++ b/pkg/virt-handler/cgroup/constants/BUILD.bazel
@@ -0,0 +1,8 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+ name = "go_default_library",
+ srcs = ["constants.go"],
+ importpath = "kubevirt.io/kubevirt/pkg/virt-handler/cgroup/constants",
+ visibility = ["//visibility:public"],
+)
diff --git a/pkg/virt-handler/cgroup/constants/constants.go b/pkg/virt-handler/cgroup/constants/constants.go
new file mode 100644
index 000000000..246762b6d
--- /dev/null
+++ b/pkg/virt-handler/cgroup/constants/constants.go
@@ -0,0 +1,9 @@
+package constants
+
+const (
+ CgroupStr = "cgroup"
+ ProcMountPoint = "/proc"
+ hostRootPath = ProcMountPoint + "/1/root"
+ CgroupBasePath = "/sys/fs/" + CgroupStr
+ HostCgroupBasePath = hostRootPath + CgroupBasePath
+)
diff --git a/pkg/virt-handler/cgroup/util.go b/pkg/virt-handler/cgroup/util.go
index 9cd5bf3ec..8049f40a9 100644
--- a/pkg/virt-handler/cgroup/util.go
+++ b/pkg/virt-handler/cgroup/util.go
@@ -30,16 +30,6 @@ import (
type CgroupVersion string
-const (
- cgroupStr = "cgroup"
-
- procMountPoint = "/proc"
-
- HostRootPath = procMountPoint + "/1/root"
- cgroupBasePath = "/sys/fs/" + cgroupStr
- HostCgroupBasePath = HostRootPath + cgroupBasePath
-)
-
// Templates for logging / error messages
const (
V1 CgroupVersion = "v1"
--
2.46.0
