systemd-nspawn creates a cgroup for each container launched. It would be useful to choose in which cgroup hierarchies this cgroup will appear, similarly to the "DefaultControllers" option of systemd.conf. This would be supported via a commandline flag, like "-C cpu,freezer" For example making it appear in the cpu:/ hierarchy would enable to say "i do not want this container to eat more that 75% of cpu", or making it appear in the freeze:/ hierarchy would enable to pause a container. This would be useful in the case, for example, of a chrooted building environnment when you don't want the build to eat all your cpu.
Yupp, makes a lot of sense, happy to take a patch!
Created attachment 59801 [details] [review] Patch delivered Here is the patch. It is made against v44 but seems to apply cleanly on master. I didn't build the manpage (dunno how to make it without making the whole thing), so i'm not *certain* there is no syntax error. This patch does not verify if the specified controllers exist so if you enter "-C lol,blah" it will create /sys/fs/cgroup/{lol,blah}/user/<user>/<session>/nspawn-<pid>/tasks and this won't be wiped at the exit of the container. Also, if you enter contrived inputs like "-C ," it will crash with "Assertion 'controller' failed at src/cgroup-util.c:693, function cg_create_and_attach(). Aborting."
Created attachment 59804 [details] [review] With STRV_FOREACH
Created attachment 59805 [details] [review] v3
Thanks, applied with minor changes!
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.