add runc shim support for sched core

In linux 5.14 and hopefully some backports, core scheduling allows processes to be co scheduled within the same domain on SMT enabled systems. The containerd impl sets the core sched domain when launching a shim. This allows a clean way for each shim(container/pod) to be in its own domain and any additional containers, (v2 pods) be be launched with the same domain as well as any exec'd process added to the container. kernel docs: https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/core-scheduling.html Signed-off-by: Michael Crosby <michael@thepasture.io>
2021-09-15 17:49:38 +00:00
parent 88e1cf5fb5
commit e48bbe8394
99 changed files with 4329 additions and 3611 deletions
--- a/runtime/v2/shim/util.go
+++ b/runtime/v2/shim/util.go
@@ -36,8 +36,18 @@ import (

 var runtimePaths sync.Map

+type CommandConfig struct {
+	Runtime      string
+	Address      string
+	TTRPCAddress string
+	Path         string
+	SchedCore    bool
+	Args         []string
+	Opts         *types.Any
+}
+
 // Command returns the shim command with the provided args and configuration
-func Command(ctx context.Context, runtime, containerdAddress, containerdTTRPCAddress, path string, opts *types.Any, cmdArgs ...string) (*exec.Cmd, error) {
+func Command(ctx context.Context, config *CommandConfig) (*exec.Cmd, error) {
 	ns, err := namespaces.NamespaceRequired(ctx)
 	if err != nil {
 		return nil, err
@@ -48,13 +58,13 @@ func Command(ctx context.Context, runtime, containerdAddress, containerdTTRPCAdd
 	}
 	args := []string{
 		"-namespace", ns,
-		"-address", containerdAddress,
+		"-address", config.Address,
 		"-publish-binary", self,
 	}
-	args = append(args, cmdArgs...)
-	name := BinaryName(runtime)
+	args = append(args, config.Args...)
+	name := BinaryName(config.Runtime)
 	if name == "" {
-		return nil, fmt.Errorf("invalid runtime name %s, correct runtime name should format like io.containerd.runc.v1", runtime)
+		return nil, fmt.Errorf("invalid runtime name %s, correct runtime name should format like io.containerd.runc.v1", config.Runtime)
 	}

 	var cmdPath string
@@ -63,7 +73,7 @@ func Command(ctx context.Context, runtime, containerdAddress, containerdTTRPCAdd
 		cmdPath = cmdPathI.(string)
 	} else {
 		var lerr error
-		binaryPath := BinaryPath(runtime)
+		binaryPath := BinaryPath(config.Runtime)
 		if _, serr := os.Stat(binaryPath); serr == nil {
 			cmdPath = binaryPath
 		}
@@ -80,7 +90,7 @@ func Command(ctx context.Context, runtime, containerdAddress, containerdTTRPCAdd
 							cmdPath = testPath
 						}
 						if cmdPath == "" {
-							return nil, errors.Wrapf(os.ErrNotExist, "runtime %q binary not installed %q", runtime, name)
+							return nil, errors.Wrapf(os.ErrNotExist, "runtime %q binary not installed %q", config.Runtime, name)
 						}
 					}
 				}
@@ -97,15 +107,18 @@ func Command(ctx context.Context, runtime, containerdAddress, containerdTTRPCAdd
 	}

 	cmd := exec.CommandContext(ctx, cmdPath, args...)
-	cmd.Dir = path
+	cmd.Dir = config.Path
 	cmd.Env = append(
 		os.Environ(),
 		"GOMAXPROCS=2",
-		fmt.Sprintf("%s=%s", ttrpcAddressEnv, containerdTTRPCAddress),
+		fmt.Sprintf("%s=%s", ttrpcAddressEnv, config.TTRPCAddress),
 	)
+	if config.SchedCore {
+		cmd.Env = append(cmd.Env, "SCHED_CORE=1")
+	}
 	cmd.SysProcAttr = getSysProcAttr()
-	if opts != nil {
-		d, err := proto.Marshal(opts)
+	if config.Opts != nil {
+		d, err := proto.Marshal(config.Opts)
 		if err != nil {
 			return nil, err
 		}