[systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
Zbigniew Jędrzejewski-Szmek
zbyszek at in.waw.pl
Fri Jan 31 08:20:09 PST 2014
On Fri, Jan 31, 2014 at 10:51:22AM -0500, Daniel J Walsh wrote:
> >> Currently docker uses lxc tools under the covers to launch the container,
> >> we want to add a plugin to use systemd-nspawn.
> >>
> >> docker -> systemd-nspawn -> container
> >>
> >> But we want the docker, systemd-nspawn and the container all affected by
> >> any Cgroup entries in the unit file. So I want the container to run as a
> >> service slice not a machine slice.
> > And if you specify --slice=system-<something>.slice, doesn't this do the
> > job?
>
> How would the docker command know what slice to assign it to? Why not just
> eliminate systemd-nspawn doing anything with slices if I pass the service flag
> or some other flag.
It's not possible to disable slices, nspawn will always end up in some slice.
The docker command already needs to know about systemd-nspawn to launch it.
So it can just give the --slice option. If you want this to be part of the /system
slice, than anything like --slice=system-<container-id>.slice will be fine.
And the limits can be set on the slice as wanted. Note that the slice unit
doesn't have to "exist", it will be created when referenced.
Zbyszek
More information about the systemd-devel
mailing list