Skip to content

Commit

Permalink
specs-go/config: Define RDMA cgroup
Browse files Browse the repository at this point in the history 
Linux kernel 4.11 adds support for RDMA cgroup resource controller.
This allows limiting maximum number of open hca_handle and maximum number of
hca_objects which can be created by processes.

config-linux: Add documentation for Linux RDMA cgroup

Add documentation, example and link to kernel documentation for
Linux RDMA cgroup.

additionalProperties is defined for the JSON Schema draft-04 in [1]
with clearer documentation in draft-07 [2]. It is supportd by
gojsonschema since xeipuuv/gojsonschema@0572d9d (added
additionalProperties with inner schema, 2013-06-21).

[1]: https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.4.4
[2]: https://tools.ietf.org/html/draft-handrews-json-schema-validation-00#section-6.5.6

Signed-off-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: W. Trevor King <wking@tremily.us>
  • Loading branch information
@paravmellanox
paravmellanox committed Feb 27, 2018
1 parent 7a8c2c8 commit 2e241f7
Show file tree
Hide file tree
Showing 6 changed files with 98 additions and 1 deletion.
33 changes: 32 additions & 1 deletion config-linux.md
View file
Expand Up @@ -169,7 +169,7 @@ In addition to any devices configured with this setting, the runtime MUST also s
## <a name="configLinuxControlGroups" />Control groups

Also known as cgroups, they are used to restrict resource usage for a container and handle device access.
cgroups provide controls (through controllers) to restrict cpu, memory, IO, pids and network for the container.
cgroups provide controls (through controllers) to restrict cpu, memory, IO, pids, network and RDMA resources for the container.
For more information, see the [kernel cgroups documentation][cgroup-v1].

### <a name="configLinuxCgroupsPath" />Cgroups Path
Expand Down Expand Up @@ -455,6 +455,36 @@ The following parameters can be specified to set up the controller:
}
```

### <a name="configLinuxRDMA" />RDMA

**`rdma`** (object, OPTIONAL) represents the cgroup subsystem `rdma`.
For more information, see the kernel cgroups documentation about [rdma][cgroup-v1-rdma].

The name of the device to limit is the entry key.
Entry values are objects with the following properties:

* **`hcaHandles`** *(uint32, OPTIONAL)* - specifies the maximum number of hca_handles in the cgroup
* **`hcaObjects`** *(uint32, OPTIONAL)* - specifies the maximum number of hca_objects in the cgroup

You MUST specify at least one of the `hcaHandles` or `hcaObjects` in a given entry, and MAY specify both.

#### Example

```json
"rdma": {
"mlx5_1": {
"hcaHandles": 3,
"hcaObjects": 10000
},
"mlx4_0": {
"hcaObjects": 1000
},
"rxe3": {
"hcaObjects": 10000
}
}
```

## <a name="configLinuxIntelRdt" />IntelRdt

**`intelRdt`** (object, OPTIONAL) represents the [Intel Resource Director Technology][intel-rdt-cat-kernel-interface].
Expand Down Expand Up @@ -647,6 +677,7 @@ The following parameters can be specified to set up seccomp:
[cgroup-v1-net-cls]: https://www.kernel.org/doc/Documentation/cgroup-v1/net_cls.txt
[cgroup-v1-net-prio]: https://www.kernel.org/doc/Documentation/cgroup-v1/net_prio.txt
[cgroup-v1-pids]: https://www.kernel.org/doc/Documentation/cgroup-v1/pids.txt
[cgroup-v1-rdma]: https://www.kernel.org/doc/Documentation/cgroup-v1/rdma.txt
[cgroup-v2]: https://www.kernel.org/doc/Documentation/cgroup-v2.txt
[devices]: https://www.kernel.org/doc/Documentation/admin-guide/devices.txt
[devpts]: https://www.kernel.org/doc/Documentation/filesystems/devpts.txt
Expand Down
6 changes: 6 additions & 0 deletions schema/config-linux.json
View file
Expand Up @@ -175,6 +175,12 @@
}
}
}
},
"rdma": {
"type": "object",
"additionalProperties": {
"$ref": "defs-linux.json#/definitions/Rdma"
}
}
}
},
Expand Down
11 changes: 11 additions & 0 deletions schema/defs-linux.json
View file
Expand Up @@ -240,6 +240,17 @@
"priority"
]
},
"Rdma": {
"type": "object",
"properties": {
"hcaHandles": {
"$ref": "defs.json#/definitions/uint32"
},
"hcaObjects": {
"$ref": "defs.json#/definitions/uint32"
}
}
},
"NamespaceType": {
"type": "string",
"enum": [
Expand Down
15 changes: 15 additions & 0 deletions schema/test/config/bad/linux-rdma.json
View file
@@ -0,0 +1,15 @@
{
"ociVersion": "1.0.0",
"root": {
"path": "rootfs"
},
"linux": {
"resources": {
"rdma": {
"mlx5_1": {
"hcaHandles": "not a uint32"
}
}
}
}
}
22 changes: 22 additions & 0 deletions schema/test/config/good/linux-rdma.json
View file
@@ -0,0 +1,22 @@
{
"ociVersion": "1.0.0",
"root": {
"path": "rootfs"
},
"linux": {
"resources": {
"rdma": {
"mlx5_1": {
"hcaHandles": 3,
"hcaObjects": 10000
},
"mlx4_0": {
"hcaObjects": 1000
},
"rxe3": {
"hcaObjects": 10000
}
}
}
}
}
12 changes: 12 additions & 0 deletions specs-go/config.go
View file
Expand Up @@ -320,6 +320,14 @@ type LinuxNetwork struct {
Priorities []LinuxInterfacePriority `json:"priorities,omitempty"`
}

// LinuxRdma for Linux cgroup 'rdma' resource management (Linux 4.11)
type LinuxRdma struct {
// Maximum number of HCA handles that can be opened. Default is "no limit".
HcaHandles *uint32 `json:"hcaHandles,omitempty"`
// Maximum number of HCA objects that can be created. Default is "no limit".
HcaObjects *uint32 `json:"hcaObjects,omitempty"`
}

// LinuxResources has container runtime resource constraints
type LinuxResources struct {
// Devices configures the device whitelist.
Expand All @@ -336,6 +344,10 @@ type LinuxResources struct {
HugepageLimits []LinuxHugepageLimit `json:"hugepageLimits,omitempty"`
// Network restriction configuration
Network *LinuxNetwork `json:"network,omitempty"`
// Rdma resource restriction configuration.
// Limits are a set of key value pairs that define RDMA resource limits,
// where the key is device name and value is resource limits.
Rdma map[string]LinuxRdma `json:"rdma,omitempty"`
}

// LinuxDevice represents the mknod information for a Linux special device file
Expand Down

0 comments on commit 2e241f7

Please sign in to comment.