Details
-
Enhancement
-
Resolution: Fixed
-
P4
-
8u221, 11, 13, 14
-
b07
-
generic
-
linux
Backports
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8285289 | 11.0.16-oracle | Ioi Lam | P4 | Resolved | Fixed | b04 |
| JDK-8283559 | 11.0.16 | Zhengyu Gu | P4 | Resolved | Fixed | b01 |
| JDK-8297880 | openjdk8u372 | Jonathan Dowland | P4 | Resolved | Fixed | b01 |
Description
This enhancement will extend functionality of
Fedora 31 plans to switch to the unified hierarchy by default[1] and will be used as a test system for the cgroups v2 backend. At this point, podman and crun have sufficient support for a cgroups v2 only OS for this work to be possible to start at the JVM level.
Controllers supported for cgroups v2 are: memory, cpu, cpuset
memory controller:
------------------------------------------------------------------------
https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html#memory
$ podman --runtime=/usr/bin/crun run --memory=300M -ti fedora:30 /bin/bash
[root@18bac3504b35 /]# cat /sys/fs/cgroup$(cat /proc/self/cgroup | cut -d':' -f3)/memory.max
314572800
cpu controller:
------------------------------------------------------------------------
https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html#cpu
$ podman --runtime=/usr/bin/crun run --memory=300M --cpu-quota=10000 --cpu-period=10000 -ti fedora:30 /bin/bash
[root@c6561b50c547 /]# cat /sys/fs/cgroup$(cat /proc/self/cgroup | cut -d':' -f3)/cpu.max
10000 10000
OR using --cpu-shares:
$ podman --runtime=/usr/bin/crun run --memory=300M --cpu-shares=1024 -ti fedora:30 /bin/bash
[root@e18f01fca65a /]# cat /sys/fs/cgroup$(cat /proc/self/cgroup | cut -d':' -f3)/cpu.weight
39
Note that with Cgroups V2, there are certain transformations being done as
the OCI spec has been done with Cgroups V1 in mind. See:
https://github.com/containers/crun/blob/master/crun.1.md#cpu-controller
cpuset controller:
------------------------------------------------------------------------
https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html#cpuset
$ podman --runtime=/usr/bin/crun run --memory=300M --cpuset-cpus=0,1 -ti fedora:30 /bin/bash
[root@c6e8caa8f25b /]# cat /sys/fs/cgroup$(cat /proc/self/cgroup | cut -d':' -f3)/cpuset.cpus
0-1
[root@c6e8caa8f25b /]# cat /sys/fs/cgroup$(cat /proc/self/cgroup | cut -d':' -f3)/cpuset.cpus.effective
0-1
On a cgroup v2 only system the current container detection bails with "Required cgroup memory subsystem not found". The below example is for JDK 11, but it's equally valid for JDK 14:
$ podman --runtime=/usr/bin/crun run --memory=300M -ti fedora:30 /bin/bash
[root@a81e632b9aa4 /]# dnf install java-11-openjdk
[...]
[root@a81e632b9aa4 /]# java -Xlog:os+container=trace -version
[0.002s][trace][os,container] OSContainer::init: Initializing Container Support
[0.003s][debug][os,container] Required cgroup memory subsystem not found
openjdk version "11.0.4" 2019-07-16
OpenJDK Runtime Environment 18.9 (build 11.0.4+11)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.4+11, mixed mode, sharing)
[1] https://fedoraproject.org/wiki/Changes/CGroupsV2
Attachments
Issue Links
- backported by
-
JDK-8283559 Cgroups v2: Container awareness
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- relates to
-
JDK-8239785 Cgroups: Incorrect detection logic on old systems in hotspot
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Closed
-
-
-
- Resolved
-
- links to
-
Commit
openjdk/jdk8u-dev/7eb2803b
-
Commit
openjdk/jdk11u-dev/8715f37c
-
Review
openjdk/jdk8u-dev/127
-
Review
openjdk/jdk11u-dev/840