[PATCH 00/10] cgroups: Task counter subsystem v6
Andrew Morton
akpm at linux-foundation.org
Fri Oct 28 23:30:21 UTC 2011
On Tue, 25 Oct 2011 13:06:35 -0700
Tim Hockin <thockin at hockin.org> wrote:
> On Tue, Oct 4, 2011 at 3:01 PM, Andrew Morton <akpm00 at gmail.com> wrote:
> > On Mon, __3 Oct 2011 21:07:02 +0200
> > Frederic Weisbecker <fweisbec at gmail.com> wrote:
> >
> >> Hi Andrew,
> >>
> >> This contains minor changes, mostly documentation and changelog
> >> updates, off-case build fix, and a code optimization in
> >> res_counter_common_ancestor().
> >
> > I'd normally duck a patch series like this when we're at -rc8 and ask
> > for it to be resent late in -rc1. __But I was feeling frisky so I
> > grabbed this lot for a bit of testing and will sit on it until -rc1.
> >
> > I'm still not convinced that the kernel has a burning need for a "task
> > counter subsystem". __Someone convince me that we should merge this!
>
> We have real (accidental) DoS situations which happen because we don't
> have this. It usually takes the form of some library no re-joining
> threads. We end up deploying a few apps linked against this library,
> and suddenly we're in trouble on a machine. Except, this being
> Google, we're in trouble on a lot of machines.
This is a bit foggy. I think you mean that machines are experiencing
accidental forkbombs?
> There may be other ways to cobble this sort of safety together, but
> they are less appealing for various reasons. cgroups are how we
> control groups of related pids.
>
> I'd really love to be able to use this.
Has it been confirmed that this implementation actually solves the
problem? ie: tested a bit?
btw, Frederic told me that this version of the patchset had some
serious problem so it's on hold pending an upgrade, regardless of other
matters.
More information about the Containers
mailing list