8000 stage1: disabling cgroup namespace in systemd-nspawn by alepuccetti · Pull Request #2989 · rkt/rkt · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
This repository was archived by the owner on Feb 24, 2020. It is now read-only.

stage1: disabling cgroup namespace in systemd-nspawn #2989

Merged
merged 1 commit into from
Jul 27, 2016
Merged

stage1: disabling cgroup namespace in systemd-nspawn #2989

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions stage1/init/init.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -398,6 +398,14 @@ func getArgsEnv(p *stage1commontypes.Pod, flavor string, debug bool, n *networki
}

env = append(env, "SYSTEMD_NSPAWN_CONTAINER_SERVICE=rkt")
// TODO (alepuccetti) remove this line when rkt will use cgroup namespace
// If the kernel has the cgroup namespace enabled, systemd v232 will use it by default.
// This was introduced by https://github.com/systemd/systemd/pull/3809 and it will cause
// problems in rkt when cgns is enabled and cgroup-v1 is used. For more information see
// https://github.com/systemd/systemd/pull/3589#discussion_r70277625.
// The following line tells systemd-nspawn not to use cgroup namespace using the environment variable
// introduced by https://github.com/systemd/systemd/pull/3809.
env = append(env, "SYSTEMD_NSPAWN_USE_CGNS=no")

if len(privateUsers) > 0 {
args = append(args, "--private-users="+privateUsers)
Expand Down
0