this commit rewrites the cgroups v2 parsing logic in get_cgroup function
which is used to fetch stats of a container. The reason for the rewrite
was that in some cases the original logic would panic due to index
of bound for parsing paths like
0::/kubepods-besteffort-pod162385e5_7f69_4c38_ba9c_db0a8f02b35e.slice:cri-containerd:278a0aac1fff30dfbc41b4a32ba9de4519928fe7480213dba87aa1498838ef34
we ran into this issue in deleting a spin container in the spin shim.
the rewrite replaces index access to properly propogate the error to
the caller of the function and added a few unit tests for the parsing logic.
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
in cgroupv2 we should use the cgroups.proc file when adding a process (https://www.man7.org/linux/man-pages/man7/cgroups.7.html). The add_tasks function was writing to the cgroup.threads file which is only avaliable when in threaded mode. In either case our intent is to add the process not the individual threads to we should use add_task_by_tgid. See https://github.com/kata-containers/cgroups-rs/pull/104 for when this was added
Signed-off-by: James Sturtevant <jstur@microsoft.com>
This commits adds cgroup v2 support for collecting metrics in the shim.
Additionally, it uses CPU controller instead of the CPUAcct controller
for reporting CPU metrics back to containerd.
Signed-off-by: jiaxiao zhou <jiazho@microsoft.com>
jiaxiao zhou
Jiaxiao Zhou
jokemanfire
James Sturtevant
Maksym Pavlenko
Feng Shaobao