Re: [RFD] Provide virtualized CPU system information for containers

From: Eric W. Biederman
Date: Thu Jul 22 2021 - 11:23:09 EST

Next message: Masami Hiramatsu: "Re: [PATCH v2 1/2] tracing: Have histogram types be constant when possible"
Previous message: Vladimir Murzin: "Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one"
In reply to: Pratik Sampat: "[RFD] Provide virtualized CPU system information for containers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

As stated I think this idea is a non-starter.

There is a real problem that there are applications that have a
legitimate need to know what cpu resources are available for them to use
and we don't have a good interfaces for them to request that
information.

I think MESOS solved this by passing a MAX_CPUS environment variable,
and at least the JVM was modified to use that variable.

That said as situations can be a bit more dynamic and fluid having
something where an application can look and see what resources are
available from it's view of the world seems reasonable.

AKA we need something so applications can stop conflating physical
cpu resources that are available with cpu resources that are allowed
to be used in an application.

This might be as simple as implementing a /proc/self/cpus_available
file.

Without the will to go through find existing open source applications
that care and update them so that they will use the new interface I
don't think anything will really happen.

The problem I see with changing existing interfaces that describe the
hardware is that the definition becomes unclear and so different
applications can legitimately expect different things, and it would
become impossible to implement what is needed correctly.

The problem I see with using cgroup interfaces is that they are not
targeted at end user applications and but rather are targeted at the
problem of controlling access to a resource. Using them report what is
available again gets you into the multiple master problem. Especially
as cgroups may not be the only thing in the system controlling access to
your resource.

So I really think the only good solution that people won't mind is to go
through the applications figure out what information is legitimately
needed from an application perspective, and build an interface tailored
for applications to get that information.

Then applications can be updated to use the new interface, and as the
implementation of the system changes the implementation in the kernel
can be updated to keep the applications working.

Eric

Next message: Masami Hiramatsu: "Re: [PATCH v2 1/2] tracing: Have histogram types be constant when possible"
Previous message: Vladimir Murzin: "Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one"
In reply to: Pratik Sampat: "[RFD] Provide virtualized CPU system information for containers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]