-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
libct/devices: move config to libct/cg/devices/config #4577
base: main
Are you sure you want to change the base?
Conversation
Currently, libcontainer/devices contains two things: 1. Device-related configuration data structures and accompanying methods. Those are used by runc itself, mostly by libct/cgroups. 2. A few functions (HostDevices, DeviceFromPath, GetDevices). Those are not used by runc directly, but have some external users (cri-o, microsoft/hcsshim), and they also have a few forks (containerd/pkg/oci, podman/pkg/util). This commit moves (1) to a new separate package, config (under libcontainer/cgroups/devices), adding a backward-compatible aliases (marked as deprecated so we will be able to remove those later). Alas it's not possible to move this to libcontainer/cgroups directly because some IDs (Type, Rule, Permissions) are too generic, and renaming them (to DeviceType, DeviceRule, DevicePermissions) will break backward compatibility (mostly due to Rule being embedded into Device). Signed-off-by: Kir Kolyshkin <[email protected]>
Use the old package name as an alias to minimize the patch. No functional change; this just eliminates a bunch of deprecation warnings. Signed-off-by: Kir Kolyshkin <[email protected]>
So,
So, it's either the way it is now in this PR, or we can break the backward compatibility and go with 1, or we go with 3. WDYT @thaJeztah ? |
I want libcontainer/cgroups to be moved to https://github.com/opencontainers/cgroups before we hit v1.3.0, and this is a necessary step. PTAL @opencontainers/runc-maintainers 🙏 |
@@ -19,13 +19,6 @@ var ( | |||
osReadDir = os.ReadDir | |||
) | |||
|
|||
func mkDev(d *Rule) (uint64, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just only a question, in fact, it seems that all things in this file are not used by runc after we moved this function to another place, maybe we can mark the whole package deprecated? But maybe they are used by some other projects, so we need to keep these unneeded codes here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because of the above reason, I suggest to move all this file to ‘github.com/opencontainers/runc/libcontainer/cgroups/devices/config’, the other reason is that if someone wants to use these functions besides with ‘github.com/opencontainers/runc/libcontainer/cgroups/devices/config’, he needs to import these two packages, it will make us confused. WDYT?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it seems that all things in this file are not used by runc after we moved this function to another place, maybe we can mark the whole package deprecated?
We could, but usually while doing so, you have to suggest a replacement. Alas, I can't suggest any replacement at this time. As noted in this PR description, there are forks of this code (in containerd/pkg/oci and podman/pkg/util) but they are not a direct replacement.
But maybe they are used by some other projects, so we need to keep these unneeded codes here?
Exactly. As noted in description:
- A few functions (HostDevices, DeviceFromPath, GetDevices).
Those are not used by runc directly, but have some external users
(cri-o, microsoft/hcsshim)
So,
- we can't remove this;
- we can't mark them deprecated (as we can't offer an alternative);
The long-term plan for this is also in the description:
(As for (2), I think something like moby/sys#181 should be done)
Now,
Because of the above reason, I suggest to move all this file to ‘github.com/opencontainers/runc/libcontainer/cgroups/devices/config’
So, these two things (1 and 2 in the description) are really not related. 1 is used by runc (in particular, by libcontainer/cgroups) and this is why this PR moves it there. 2 has some external users, and the long term plan is to move it to moby (see moby/sys#181).
The big picture here is, we want to move libcontainer/cgroups to a separate repository (see https://github.com/opencontainers/tob/blob/main/proposals/cgroups.md), and for that we need to make it as self-contained as possible. For this, (1) from the description goes to libcontainer/cgroups, and (2) stays where it is.
Let me know if I can clarify this further.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I got it now, thanks your explanation, it seems that the current solution is the best decision at this time.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks! Great to have progress on this front to separate the repo!
I'm slowly coming back and catching up!
This is the next step to facilitate separation of libct/cgroups as per https://github.com/opencontainers/tob/blob/main/proposals/cgroups.md
Currently, libcontainer/devices contains two things:
Device-related configuration data structures and accompanying
methods. Those are used by runc itself, mostly by libct/cgroups.
A few functions (HostDevices, DeviceFromPath, GetDevices).
Those are not used by runc directly, but have some external users
(cri-o, microsoft/hcsshim), and they also have a few forks
(containerd/pkg/oci, podman/pkg/util).
This commit moves (1) to a new separate package,
config
(underlibcontainer/cgroups/devices
), adding a backward-compatible aliases(marked as deprecated so we will be able to remove those later).
(As for (2), I think something like moby/sys#181 should be done)