[systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
Daniel J Walsh
dwalsh at redhat.com
Fri Jan 31 08:34:03 PST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/31/2014 11:20 AM, Zbigniew Jędrzejewski-Szmek wrote:
> On Fri, Jan 31, 2014 at 10:51:22AM -0500, Daniel J Walsh wrote:
>>>> Currently docker uses lxc tools under the covers to launch the
>>>> container, we want to add a plugin to use systemd-nspawn.
>>>>
>>>> docker -> systemd-nspawn -> container
>>>>
>>>> But we want the docker, systemd-nspawn and the container all affected
>>>> by any Cgroup entries in the unit file. So I want the container to
>>>> run as a service slice not a machine slice.
>>> And if you specify --slice=system-<something>.slice, doesn't this do
>>> the job?
>>
>> How would the docker command know what slice to assign it to? Why not
>> just eliminate systemd-nspawn doing anything with slices if I pass the
>> service flag or some other flag.
> It's not possible to disable slices, nspawn will always end up in some
> slice.
>
> The docker command already needs to know about systemd-nspawn to launch
> it. So it can just give the --slice option. If you want this to be part of
> the /system slice, than anything like --slice=system-<container-id>.slice
> will be fine. And the limits can be set on the slice as wanted. Note that
> the slice unit doesn't have to "exist", it will be created when
> referenced.
>
> Zbyszek
>
I know it has to be in a slice, I just want it to stay in the same slice that
the docker command is in.
If I could run --slice=current that would be fine.
If I create the httpd_container.service, it will create the
service-httpd_container.slice and docker will run there. I want
systemd-nspawn and more importantly the container processes to stay in
httpd_containe.slice. I guess I could get docker to check which slice it is
in, if that was possible, but I see no reason why we can not stop doing
"slice" stuff in systemd-nspawn, if a user wants it to run within his current
slice.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlLr0HsACgkQrlYvE4MpobMi+wCfY9LD7CzEOYVIrj79i1+i2T/p
HVEAoL7jmMNXod6lOULx7AHkTbih9c5i
=Vq2a
-----END PGP SIGNATURE-----
More information about the systemd-devel
mailing list