diff --git a/cmd/cri-containerd/cri_containerd.go b/cmd/cri-containerd/cri_containerd.go index 52327b06a..80c47bb0c 100644 --- a/cmd/cri-containerd/cri_containerd.go +++ b/cmd/cri-containerd/cri_containerd.go @@ -27,6 +27,9 @@ import ( "runtime" "syscall" + "github.com/containerd/cgroups" + "github.com/containerd/containerd/sys" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/selinux/go-selinux" "github.com/sirupsen/logrus" "github.com/spf13/cobra" @@ -95,6 +98,19 @@ func main() { logrus.Infof("Run cri-containerd %+v", o) + if o.CgroupPath != "" { + _, err := loadCgroup(o.CgroupPath) + if err != nil { + return fmt.Errorf("failed to load cgroup for cgroup path %v: %v", o.CgroupPath, err) + } + } + + if o.OOMScore != 0 { + if err := sys.SetOOMScore(os.Getpid(), o.OOMScore); err != nil { + return fmt.Errorf("failed to set OOMScore to %v: %v", o.OOMScore, err) + } + } + // Start profiling server if enable. if o.EnableProfiling { logrus.Info("Start profiling server") @@ -200,3 +216,23 @@ func setGLogLevel(l logrus.Level) error { } return nil } + +// loadCgroup loads the cgroup associated with path if it exists and moves the current process into the cgroup. If the cgroup +// is not created it is created and returned. +func loadCgroup(cgroupPath string) (cgroups.Cgroup, error) { + cg, err := cgroups.Load(cgroups.V1, cgroups.StaticPath(cgroupPath)) + if err != nil { + if err != cgroups.ErrCgroupDeleted { + return nil, err + } + if cg, err = cgroups.New(cgroups.V1, cgroups.StaticPath(cgroupPath), &runtimespec.LinuxResources{}); err != nil { + return nil, err + } + } + if err := cg.Add(cgroups.Process{ + Pid: os.Getpid(), + }); err != nil { + return nil, err + } + return cg, nil +} diff --git a/pkg/server/helpers.go b/pkg/server/helpers.go index 4abfdff58..2d9399ff2 100644 --- a/pkg/server/helpers.go +++ b/pkg/server/helpers.go @@ -19,13 +19,11 @@ package server import ( "encoding/json" "fmt" - "os" "path" "path/filepath" "strconv" "strings" - "github.com/containerd/cgroups" "github.com/containerd/containerd" "github.com/containerd/containerd/content" "github.com/docker/distribution/reference" @@ -33,7 +31,6 @@ import ( "github.com/opencontainers/image-spec/identity" imagespec "github.com/opencontainers/image-spec/specs-go/v1" runtimespec "github.com/opencontainers/runtime-spec/specs-go" - specs "github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-tools/generate" "github.com/opencontainers/selinux/go-selinux" "github.com/opencontainers/selinux/go-selinux/label" @@ -288,26 +285,6 @@ func (c *criContainerdService) ensureImageExists(ctx context.Context, ref string return &newImage, nil } -// loadCgroup loads the cgroup associated with path if it exists and moves the current process into the cgroup. If the cgroup -// is not created it is created and returned. -func loadCgroup(cgroupPath string) (cgroups.Cgroup, error) { - cg, err := cgroups.Load(cgroups.V1, cgroups.StaticPath(cgroupPath)) - if err != nil { - if err != cgroups.ErrCgroupDeleted { - return nil, err - } - if cg, err = cgroups.New(cgroups.V1, cgroups.StaticPath(cgroupPath), &specs.LinuxResources{}); err != nil { - return nil, err - } - } - if err := cg.Add(cgroups.Process{ - Pid: os.Getpid(), - }); err != nil { - return nil, err - } - return cg, nil -} - // imageInfo is the information about the image got from containerd. type imageInfo struct { id string diff --git a/pkg/server/service.go b/pkg/server/service.go index 1c50da521..25ed52ff5 100644 --- a/pkg/server/service.go +++ b/pkg/server/service.go @@ -26,7 +26,6 @@ import ( "github.com/containerd/containerd" "github.com/containerd/containerd/plugin" - "github.com/containerd/containerd/sys" "github.com/cri-o/ocicni/pkg/ocicni" runcapparmor "github.com/opencontainers/runc/libcontainer/apparmor" runcseccomp "github.com/opencontainers/runc/libcontainer/seccomp" @@ -114,18 +113,6 @@ type criContainerdService struct { // NewCRIContainerdService returns a new instance of CRIContainerdService func NewCRIContainerdService(config options.Config) (CRIContainerdService, error) { var err error - if config.CgroupPath != "" { - _, err := loadCgroup(config.CgroupPath) - if err != nil { - return nil, fmt.Errorf("failed to load cgroup for cgroup path %v: %v", config.CgroupPath, err) - } - } - if config.OOMScore != 0 { - if err := sys.SetOOMScore(os.Getpid(), config.OOMScore); err != nil { - return nil, fmt.Errorf("failed to set OOMScore to %v: %v", config.OOMScore, err) - } - } - c := &criContainerdService{ config: config, apparmorEnabled: runcapparmor.IsEnabled(),