How to analyze the basis of cgroups 01/19 Update SLTechnology News&Howtos

How to analyze the basis of cgroups

2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)05/31 Report--

Today, I will talk to you about how to carry out the basic analysis of cgroups. Many people may not know much about it. In order to make you understand better, the editor has summarized the following contents for you. I hope you can get something according to this article.

Pod is the basic unit of K8s scheduling. Each Pod has its own independent namespace, network interface, and shared disk resources. The containers in the same pod is visible to each other and can communicate directly.

To understand how Pod achieves resource isolation, we need to understand two Linux kernel-level functions on which container technology depends: namespace & cgroups.

Supplement

In practice, a subsystem is often bound to a hierarchy to realize the control of this kind of resources.

Execute lssubsys-m on a k8s node node, and you can see

There are 9 hierarchy under / sys/fs/cgroup, each bound with different subsystem. These hierarchy have exactly the same directory structure, and the restrictions on each pod & container are stored in the directory.

/ sys/fs/cgroup/ {subsystem} / kubepods/pod {podUID} / {containerID}

Run a pod of podUID=9eca1a96-2b23-11e8-9b0d-525400453ff7 on this node, which we can see in the / sys/fs/cgroup/memory/kubepods/pod9eca1a96-2b23-11e8-9b0d-525400453ff7/ directory

From the directory structure, you can see that there are two container running in the pod. One of the id=80916a0bf7b337f7606a8f8bb7d79d0949c2e4ff206096e5b6f110a797657bb2 coincides with the working containerID. The other ID should represent sandbox container.

In the working containerID directory, you can find the configuration for the memory limit of the container.

For other subsystem (cpu, etc.), their directory structure is exactly the same, except for the configuration information.

Under the / sys/fs/cgroup/cpu/kubepods/pod9eca1a96-2b23-11e8-9b0d-525400453ff7/ directory, we can find the following:

After reading the above, do you have any further understanding of how to conduct cgroups basic analysis? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.