Published: Nov 1, 2023 License: Apache-2.0




const (
	CgroupNamePrefix = "name="
const (
	CgroupProcesses = "cgroup.procs"


var (
	ErrV1NoUnified = errors.New("invalid configuration: cannot use unified on cgroup v1")
var (
	// TestMode is set to true by unit tests that need "fake" cgroupfs.
	TestMode bool


func ConvertBlkIOToIOWeightValue added in v1.0.0

func ConvertBlkIOToIOWeightValue(blkIoWeight uint16) uint64

Since the OCI spec is designed for cgroup v1, in some cases there is need to convert from the cgroup v1 configuration to cgroup v2 the formula for BlkIOWeight to IOWeight is y = (1 + (x - 10) * 9999 / 990) convert linearly from [10-1000] to [1-10000]

func ConvertCPUSharesToCgroupV2Value added in v1.0.0

func ConvertCPUSharesToCgroupV2Value(cpuShares uint64) uint64

Since the OCI spec is designed for cgroup v1, in some cases there is need to convert from the cgroup v1 configuration to cgroup v2 the formula for cpuShares is y = (1 + ((x - 2) * 9999) / 262142) convert from [2-262144] to [1-10000] 262144 comes from Linux kernel definition "#define MAX_SHARES (1UL << 18)"

func ConvertMemorySwapToCgroupV2Value added in v1.0.0

func ConvertMemorySwapToCgroupV2Value(memorySwap, memory int64) (int64, error)

ConvertMemorySwapToCgroupV2Value converts MemorySwap value from OCI spec for use by cgroup v2 drivers. A conversion is needed since Resources.MemorySwap is defined as memory+swap combined, while in cgroup v2 swap is a separate value.

func EnterPid

func EnterPid(cgroupPaths map[string]string, pid int) error

func FindCgroupMountpointAndRoot added in v0.0.4

func FindCgroupMountpointAndRoot(cgroupPath, subsystem string) (string, string, error)

func GetAllPids added in v0.0.7

func GetAllPids(path string) ([]int, error)

GetAllPids returns all pids from the cgroup identified by path, and all its sub-cgroups.

func GetAllSubsystems

func GetAllSubsystems() ([]string, error)

GetAllSubsystems returns all the cgroup subsystems supported by the kernel

func GetInitCgroup added in v1.0.0

func GetInitCgroup(subsystem string) (string, error)

func GetInitCgroupPath added in v1.0.0

func GetInitCgroupPath(subsystem string) (string, error)

func GetOwnCgroup added in v1.0.0

func GetOwnCgroup(subsystem string) (string, error)

GetOwnCgroup returns the relative path to the cgroup docker is running in.

func GetOwnCgroupPath added in v1.0.0

func GetOwnCgroupPath(subsystem string) (string, error)

func GetPids added in v0.0.5

func GetPids(dir string) ([]int, error)

GetPids returns all pids, that were added to cgroup at path.

func HugePageSizes added in v1.1.0

func HugePageSizes() []string

func IsCgroup2HybridMode added in v1.1.0

func IsCgroup2HybridMode() bool

IsCgroup2HybridMode returns whether we are running in cgroup v2 hybrid mode.

func IsCgroup2UnifiedMode added in v1.0.0

func IsCgroup2UnifiedMode() bool

IsCgroup2UnifiedMode returns whether we are running in cgroup v2 unified mode.

func IsNotFound

func IsNotFound(err error) bool

func NewNotFoundError

func NewNotFoundError(sub string) error

func OpenFile added in v1.0.0

func OpenFile(dir, file string, flags int) (*os.File, error)

OpenFile opens a cgroup file in a given dir with given flags. It is supposed to be used for cgroup files only, and returns an error if the file is not a cgroup file.

Arguments dir and file are joined together to form an absolute path to a file being opened.

func ParseCgroupFile

func ParseCgroupFile(path string) (map[string]string, error)

ParseCgroupFile parses the given cgroup file, typically /proc/self/cgroup or /proc/<pid>/cgroup, into a map of subsystems to cgroup paths, e.g.

"cpu": "/user.slice/user-1000.slice"
"pids": "/user.slice/user-1000.slice"


Note that for cgroup v2 unified hierarchy, there are no per-controller cgroup paths, so the resulting map will have a single element where the key is empty string ("") and the value is the cgroup path the <pid> is in.

func PathExists

func PathExists(path string) bool

func ReadFile added in v1.0.0

func ReadFile(dir, file string) (string, error)

ReadFile reads data from a cgroup file in dir. It is supposed to be used for cgroup files only.

func RemovePath added in v1.0.0

func RemovePath(path string) error

RemovePath aims to remove cgroup path. It does so recursively, by removing any subdirectories (sub-cgroups) first.

func RemovePaths

func RemovePaths(paths map[string]string) (err error)

RemovePaths iterates over the provided paths removing them. We trying to remove all paths five times with increasing delay between tries. If after all there are not removed cgroups - appropriate error will be returned.

func WriteCgroupProc added in v1.0.0

func WriteCgroupProc(dir string, pid int) error

WriteCgroupProc writes the specified pid into the cgroup's cgroup.procs file

func WriteFile added in v1.0.0

func WriteFile(dir, file, data string) error

WriteFile writes data to a cgroup file in dir. It is supposed to be used for cgroup files only.


type BlkioStatEntry

type BlkioStatEntry struct {
	Major uint64 `json:"major,omitempty"`
	Minor uint64 `json:"minor,omitempty"`
	Op    string `json:"op,omitempty"`
	Value uint64 `json:"value,omitempty"`

type BlkioStats

type BlkioStats struct {
	// number of bytes transferred to and from the block device
	IoServiceBytesRecursive []BlkioStatEntry `json:"io_service_bytes_recursive,omitempty"`
	IoServicedRecursive     []BlkioStatEntry `json:"io_serviced_recursive,omitempty"`
	IoQueuedRecursive       []BlkioStatEntry `json:"io_queue_recursive,omitempty"`
	IoServiceTimeRecursive  []BlkioStatEntry `json:"io_service_time_recursive,omitempty"`
	IoWaitTimeRecursive     []BlkioStatEntry `json:"io_wait_time_recursive,omitempty"`
	IoMergedRecursive       []BlkioStatEntry `json:"io_merged_recursive,omitempty"`
	IoTimeRecursive         []BlkioStatEntry `json:"io_time_recursive,omitempty"`
	SectorsRecursive        []BlkioStatEntry `json:"sectors_recursive,omitempty"`

type CPUSetStats added in v1.0.0

type CPUSetStats struct {
	// List of the physical numbers of the CPUs on which processes
	// in that cpuset are allowed to execute
	CPUs []uint16 `json:"cpus,omitempty"`
	// cpu_exclusive flag
	CPUExclusive uint64 `json:"cpu_exclusive"`
	// List of memory nodes on which processes in that cpuset
	// are allowed to allocate memory
	Mems []uint16 `json:"mems,omitempty"`
	// mem_hardwall flag
	MemHardwall uint64 `json:"mem_hardwall"`
	// mem_exclusive flag
	MemExclusive uint64 `json:"mem_exclusive"`
	// memory_migrate flag
	MemoryMigrate uint64 `json:"memory_migrate"`
	// memory_spread page flag
	MemorySpreadPage uint64 `json:"memory_spread_page"`
	// memory_spread slab flag
	MemorySpreadSlab uint64 `json:"memory_spread_slab"`
	// memory_pressure
	MemoryPressure uint64 `json:"memory_pressure"`
	// sched_load balance flag
	SchedLoadBalance uint64 `json:"sched_load_balance"`
	// sched_relax_domain_level
	SchedRelaxDomainLevel int64 `json:"sched_relax_domain_level"`

type CpuStats

type CpuStats struct {
	CpuUsage       CpuUsage       `json:"cpu_usage,omitempty"`
	ThrottlingData ThrottlingData `json:"throttling_data,omitempty"`

type CpuUsage

type CpuUsage struct {
	// Total CPU time consumed.
	// Units: nanoseconds.
	TotalUsage uint64 `json:"total_usage,omitempty"`
	// Total CPU time consumed per core.
	// Units: nanoseconds.
	PercpuUsage []uint64 `json:"percpu_usage,omitempty"`
	// CPU time consumed per core in kernel mode
	// Units: nanoseconds.
	PercpuUsageInKernelmode []uint64 `json:"percpu_usage_in_kernelmode"`
	// CPU time consumed per core in user mode
	// Units: nanoseconds.
	PercpuUsageInUsermode []uint64 `json:"percpu_usage_in_usermode"`
	// Time spent by tasks of the cgroup in kernel mode.
	// Units: nanoseconds.
	UsageInKernelmode uint64 `json:"usage_in_kernelmode"`
	// Time spent by tasks of the cgroup in user mode.
	// Units: nanoseconds.
	UsageInUsermode uint64 `json:"usage_in_usermode"`

CpuUsage denotes the usage of a CPU. All CPU stats are aggregate since container inception.

type HugetlbStats

type HugetlbStats struct {
	// current res_counter usage for hugetlb
	Usage uint64 `json:"usage,omitempty"`
	// maximum usage ever recorded.
	MaxUsage uint64 `json:"max_usage,omitempty"`
	// number of times hugetlb usage allocation failure.
	Failcnt uint64 `json:"failcnt"`

type Manager

type Manager interface {
	// Apply creates a cgroup, if not yet created, and adds a process
	// with the specified pid into that cgroup.  A special value of -1
	// can be used to merely create a cgroup.
	Apply(pid int) error

	// GetPids returns the PIDs of all processes inside the cgroup.
	GetPids() ([]int, error)

	// GetAllPids returns the PIDs of all processes inside the cgroup
	// any all its sub-cgroups.
	GetAllPids() ([]int, error)

	// GetStats returns cgroups statistics.
	GetStats() (*Stats, error)

	// Freeze sets the freezer cgroup to the specified state.
	Freeze(state configs.FreezerState) error

	// Destroy removes cgroup.
	Destroy() error

	// Path returns a cgroup path to the specified controller/subsystem.
	// For cgroupv2, the argument is unused and can be empty.
	Path(string) string

	// Set sets cgroup resources parameters/limits. If the argument is nil,
	// the resources specified during Manager creation (or the previous call
	// to Set) are used.
	Set(r *configs.Resources) error

	// GetPaths returns cgroup path(s) to save in a state file in order to
	// restore later.
	// For cgroup v1, a key is cgroup subsystem name, and the value is the
	// path to the cgroup for this subsystem.
	// For cgroup v2 unified hierarchy, a key is "", and the value is the
	// unified path.
	GetPaths() map[string]string

	// GetCgroups returns the cgroup data as configured.
	GetCgroups() (*configs.Cgroup, error)

	// GetFreezerState retrieves the current FreezerState of the cgroup.
	GetFreezerState() (configs.FreezerState, error)

	// Exists returns whether the cgroup path exists or not.
	Exists() bool

	// OOMKillCount reports OOM kill count for the cgroup.
	OOMKillCount() (uint64, error)

type MemoryData

type MemoryData struct {
	Usage    uint64 `json:"usage,omitempty"`
	MaxUsage uint64 `json:"max_usage,omitempty"`
	Failcnt  uint64 `json:"failcnt"`
	Limit    uint64 `json:"limit"`

type MemoryStats

type MemoryStats struct {
	// memory used for cache
	Cache uint64 `json:"cache,omitempty"`
	// usage of memory
	Usage MemoryData `json:"usage,omitempty"`
	// usage of memory + swap
	SwapUsage MemoryData `json:"swap_usage,omitempty"`
	// usage of kernel memory
	KernelUsage MemoryData `json:"kernel_usage,omitempty"`
	// usage of kernel TCP memory
	KernelTCPUsage MemoryData `json:"kernel_tcp_usage,omitempty"`
	// usage of memory pages by NUMA node
	// see chapter 5.6 of memory controller documentation
	PageUsageByNUMA PageUsageByNUMA `json:"page_usage_by_numa,omitempty"`
	// if true, memory usage is accounted for throughout a hierarchy of cgroups.
	UseHierarchy bool `json:"use_hierarchy"`

	Stats map[string]uint64 `json:"stats,omitempty"`

type Mount

type Mount struct {
	Mountpoint string
	Root       string
	Subsystems []string

func GetCgroupMounts

func GetCgroupMounts(all bool) ([]Mount, error)

GetCgroupMounts returns the mounts for the cgroup subsystems. all indicates whether to return just the first instance or all the mounts. This function should not be used from cgroupv2 code, as in this case all the controllers are available under the constant unifiedMountpoint.

func (Mount) GetOwnCgroup added in v1.0.0

func (m Mount) GetOwnCgroup(cgroups map[string]string) (string, error)

type NotFoundError

type NotFoundError struct {
	Subsystem string

func (*NotFoundError) Error

func (e *NotFoundError) Error() string

type PageStats added in v1.0.0

type PageStats struct {
	Total uint64           `json:"total,omitempty"`
	Nodes map[uint8]uint64 `json:"nodes,omitempty"`

type PageUsageByNUMA added in v1.0.0

type PageUsageByNUMA struct {
	// Embedding is used as types can't be recursive.
	Hierarchical PageUsageByNUMAInner `json:"hierarchical,omitempty"`

type PageUsageByNUMAInner added in v1.0.0

type PageUsageByNUMAInner struct {
	Total       PageStats `json:"total,omitempty"`
	File        PageStats `json:"file,omitempty"`
	Anon        PageStats `json:"anon,omitempty"`
	Unevictable PageStats `json:"unevictable,omitempty"`

type PidsStats added in v0.0.7

type PidsStats struct {
	// number of pids in the cgroup
	Current uint64 `json:"current,omitempty"`
	// active pids hard limit
	Limit uint64 `json:"limit,omitempty"`

type RdmaEntry added in v1.1.0

type RdmaEntry struct {
	Device     string `json:"device,omitempty"`
	HcaHandles uint32 `json:"hca_handles,omitempty"`
	HcaObjects uint32 `json:"hca_objects,omitempty"`

type RdmaStats added in v1.1.0

type RdmaStats struct {
	RdmaLimit   []RdmaEntry `json:"rdma_limit,omitempty"`
	RdmaCurrent []RdmaEntry `json:"rdma_current,omitempty"`

type Stats

type Stats struct {
	CpuStats    CpuStats    `json:"cpu_stats,omitempty"`
	CPUSetStats CPUSetStats `json:"cpuset_stats,omitempty"`
	MemoryStats MemoryStats `json:"memory_stats,omitempty"`
	PidsStats   PidsStats   `json:"pids_stats,omitempty"`
	BlkioStats  BlkioStats  `json:"blkio_stats,omitempty"`
	// the map is in the format "size of hugepage: stats of the hugepage"
	HugetlbStats map[string]HugetlbStats `json:"hugetlb_stats,omitempty"`
	RdmaStats    RdmaStats               `json:"rdma_stats,omitempty"`

func NewStats

func NewStats() *Stats

type ThrottlingData

type ThrottlingData struct {
	// Number of periods with throttling active
	Periods uint64 `json:"periods,omitempty"`
	// Number of periods when the container hit its throttling limit.
	ThrottledPeriods uint64 `json:"throttled_periods,omitempty"`
	// Aggregate time the container was throttled for in nanoseconds.
	ThrottledTime uint64 `json:"throttled_time,omitempty"`


