Skip to content

Commit

Permalink
Add I/O Priority Configuration for Process Group in Linux Containers
Browse files Browse the repository at this point in the history
Signed-off-by: utam0k <k0ma@utam0k.jp>
  • Loading branch information
utam0k committed May 19, 2023
1 parent 8a09257 commit 504f70e
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 0 deletions.
14 changes: 14 additions & 0 deletions config.md
Original file line number Diff line number Diff line change
Expand Up @@ -293,6 +293,12 @@ For Linux-based systems, the `process` object supports the following process-spe
For more information on how these two settings work together, see [the memory cgroup documentation section 10. OOM Contol][cgroup-v1-memory_2].
* **`selinuxLabel`** (string, OPTIONAL) specifies the SELinux label for the process.
For more information about SELinux, see [SELinux documentation][selinux].
* **`ioPriority`** (object, OPTIONAL) configures the I/O priority settings for the container's processes within the process group.
The I/O priority settings will be automatically applied to the entire process group, affecting all processes within the container.
The following properties are available:

* **`class`** (string, REQUIRED) specifies the I/O scheduling class. Possible values are `IOPRIO_CLASS_RT`, `IOPRIO_CLASS_BE`, and `IOPRIO_CLASS_IDLE`.
* **`priority`** (int, REQUIRED) specifies the priority level within the class. The value should be an integer ranging from 0 (highest) to 7 (lowest).

### <a name="configUser" />User

Expand Down Expand Up @@ -334,6 +340,10 @@ _Note: symbolic name for uid and gid, such as uname and gname respectively, are
],
"apparmorProfile": "acme_secure_profile",
"selinuxLabel": "system_u:system_r:svirt_lxc_net_t:s0:c124,c675",
"ioPriority": {
"class": "IOPRIO_CLASS_IDLE",
"priority": 4
},
"noNewPrivileges": true,
"capabilities": {
"bounding": [
Expand Down Expand Up @@ -734,6 +744,10 @@ Here is a full example `config.json` for reference.
"apparmorProfile": "acme_secure_profile",
"oomScoreAdj": 100,
"selinuxLabel": "system_u:system_r:svirt_lxc_net_t:s0:c124,c675",
"ioPriority": {
"class": "IOPRIO_CLASS_IDLE",
"priority": 4
},
"noNewPrivileges": true
},
"root": {
Expand Down
9 changes: 9 additions & 0 deletions schema/config-schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,15 @@
"selinuxLabel": {
"type": "string"
},
"ioPriority": {
"class": "string",
"enum": [
"IOPRIO_CLASS_RT",
"IOPRIO_CLASS_BE",
"IOPRIO_CLASS_IDLE"
],
"priority": "integer"
},
"noNewPrivileges": {
"type": "boolean"
},
Expand Down
18 changes: 18 additions & 0 deletions specs-go/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,8 @@ type Process struct {
OOMScoreAdj *int `json:"oomScoreAdj,omitempty" platform:"linux"`
// SelinuxLabel specifies the selinux context that the container process is run as.
SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"`
// IOPriority contains the I/O priority settings for the cgroup.
IOPriority *LinuxIOPriority `json:"ioPriority,omitempty" platform:"linux"`
}

// LinuxCapabilities specifies the list of allowed capabilities that are kept for a process.
Expand All @@ -79,6 +81,22 @@ type LinuxCapabilities struct {
Ambient []string `json:"ambient,omitempty" platform:"linux"`
}

// IOPriority represents I/O priority settings for the container's processes within the process group.
type LinuxIOPriority struct {
Class IOPriorityClass `json:"class"`
Priority int `json:"priority"`
}

// IOPriorityClass represents an I/O scheduling class.
type IOPriorityClass string

// Possible values for IOPriorityClass.
const (
IOPRIO_CLASS_RT IOPriorityClass = "IOPRIO_CLASS_RT"
IOPRIO_CLASS_BE IOPriorityClass = "IOPRIO_CLASS_BE"
IOPRIO_CLASS_IDLE IOPriorityClass = "IOPRIO_CLASS_IDLE"
)

// Box specifies dimensions of a rectangle. Used for specifying the size of a console.
type Box struct {
// Height is the vertical dimension of a box.
Expand Down

0 comments on commit 504f70e

Please sign in to comment.