<p dir="ltr"><br>
On Jun 25, 2013 2:43 AM, "Lennart Poettering" <<a href="mailto:lennart@poettering.net">lennart@poettering.net</a>> wrote:<br>
><br>
> On Mon, 24.06.13 17:09, Andy Lutomirski (<a href="mailto:luto@amacapital.net">luto@amacapital.net</a>) wrote:<br>
><br>
> ><br>
> > On Mon, Jun 24, 2013 at 4:57 PM, Lennart Poettering<br>
> > <<a href="mailto:lennart@poettering.net">lennart@poettering.net</a>> wrote:<br>
> > > On Mon, 24.06.13 16:01, Andy Lutomirski (<a href="mailto:luto@amacapital.net">luto@amacapital.net</a>) wrote:<br>
> > ><br>
> > >> AFAICT the main reason that systemd uses cgroup is to efficiently<br>
> > >> track which service various processes came from and to send signals,<br>
> > >> and it seems like that use case could be handled without cgroups at<br>
> > >> all by creative use of subreapers and a syscall to broadcast a signal<br>
> > >> to everything that has a given subreaper as an ancestor. In that<br>
> > >> case, systemd could be asked to stay away from cgroups even in the<br>
> > >> single-hierarchy case.<br>
> > ><br>
> > > systemd uses cgroups to manage services. Managing services means many<br>
> > > things. Among them: keeping track of processes, listing processes of a<br>
> > > service, killing processes of a service, doing per-service logging<br>
> > > (which means reliably, immediately, and race-freely tracing back<br>
> > > messages to the service which logged them), about 55 other things, and<br>
> > > also resource management.<br>
> > ><br>
> > > I don't see how I can do anything of this without something like<br>
> > > cgroups, i.e. hierarchial, resource management involved systemd which<br>
> > > allows me to securely put labels on processes.<br>
> ><br>
> > Boneheaded straw-man proposal: two new syscalls and a few spare processes.<br>
> ><br>
> > int sys_task_reaper(int tid): Returns the reaper for the task tid<br>
> > (which is 1 if there's no subreaper). (This could just as easily be a<br>
> > file in /proc.)<br>
> ><br>
> > int sys_killall_under_subreaper(int subreaper, int sig): Broadcasts<br>
> > sig to all tasks under subreaper (excluding subreaper). Guarantees<br>
> > that, even if those tasks are forking, they all get the signal.<br>
> ><br>
> > Then, when starting a service, systemd forks, sets the child to be a<br>
> > subreaper, then forks that child again to exec the service.<br>
> ><br>
> > Does this do everything that's needed?<br>
><br>
> No. It doesn't do anything that's needed. How do I list all PIDs in a<br>
> service with this? </p>
<p dir="ltr">Walk /proc/<subreaper>/children recursively. A kernel patch to make that field show up unconditionally instead of hiding under EXPERT would help.</p>
<p dir="ltr">> How do I determine the service of a PID?</p>
<p dir="ltr">Call sys_task_reaper, then look up what service that subreaper comes from.</p>
<p dir="ltr">> How do i do<br>
> resource manage with this?</p>
<p dir="ltr">With cgroups, unless the admin has configured systemd not to use cgroups, in which case you don't. (The whole point would be to keep DefaultControllers= without using the one and only cgroup hierarchy.)</p>
<p dir="ltr">--Andy</p>
<p dir="ltr">><br>
> > sys_task_reaper is trivial to<br>
> > implement (that functionality is already there in the reparenting<br>
> > code), and sys_killall_under_subreaper is probably not so bad.<br>
> ><br>
> > This has one main downside I can think of: it wastes a decent number<br>
> > of processes (one subreaper per service).<br>
><br>
> Yeah, also the downside that it doesn't do what we need.<br>
><br>
> Lennart<br>
><br>
> --<br>
> Lennart Poettering - Red Hat, Inc.<br>
</p>