[systemd-devel] How to use cgroups within containers?

Cameron Norman camerontnorman at gmail.com
Fri Oct 17 14:52:51 PDT 2014


On Fri, Oct 17, 2014 at 2:37 PM, Richard Weinberger
<richard.weinberger at gmail.com> wrote:
> ...fixing LXC devel mailinglist... :-\
>
> On Fri, Oct 17, 2014 at 11:35 PM, Richard Weinberger
> <richard.weinberger at gmail.com> wrote:
>> Dear systemd and container folks,
>>
>> at Plumbers the question raised how to provide cgroups to a systemd that lives
>> in a container (with user namespaces).
>> Due to the GDL train strikes I had to leave very soon and had no chance to
>> talk to you in person.
>>
>> Was a solution proposed?
>> All I want to know is how to provide cgroups in a sane and secure way
>> to systemd. :-)

I am not at all an expert on systemd's cgroups, however I do know the
basic design of cgmanager. cgmanager provides cgroups to containers
via a "cgproxy" service that relays messages to the main cgmanager
service. You can read more about it here:
https://github.com/cgmanager/cgmanager/blob/master/README. Perhaps
systemd can use a similar model.

Cheers,
--
Cameron


More information about the systemd-devel mailing list