Cgroups in Aurae
We need a way to map processes to cgroups or in Aurae parlance executables to cells.
Given a cgroup my-cell and two nested processes:
sleep 500with the namesleep-500sleep 60with the namesleep-60
How do we identify which PID to send signals to if the user intends to start/stop either the sleep-500 or the sleep-60 process within the cell?
Research with Systemd
The way systemd manages this is by storing the Unit file contents in memory during the duration of the process. This is why systemd daemon-reload must be executed before changes to the current unit file are effective. The mapping of the configuration in the Unit file to the sub-processes is managed in memory.
Differences from Systemd
We would like to be able to start and stop arbitrary processes within a given cell. We currently believe that systemd creates a cgroup for each service, and the only way to "add" nested processes to a cgroup is by restarting the service with a hook to launch the intended nested process.
Option 1) The "/var/run/aurae/cells" Way
We create a new directory upon starting the daemon called /var/run/aurae/cells that we assume ownership of. We bake in the initialization setup in the same way we manage /var/run/aurae.sock.
For every cell that is allocated we also create a file:
/var/run/aurae/cells/my-cell
We use the pre_exec function to create a file descriptor for each nested process that points back to the cell file. The children will store the file descriptors and not the parent.
Author: Kris NĂ³va