lxcfs icon indicating copy to clipboard operation
lxcfs copied to clipboard

Published 20 hours ago verified publisher icon lxc

k8s shareProcessNamespace not supported

Open Hellojungle opened this issue 3 years ago • 2 comments

Hello, there are problems when use shareProcessNamespace in k8s. The initpid is pause when using shareProcessNamespace, could we always use the caller's pid to lookup the cgroup hierarchy?

Hellojungle avatar May 31 '22 08:05 Hellojungle

encountered the same problem

silenceper avatar Aug 19 '22 11:08 silenceper

I'm pretty sure we can't. We're doing things this way to properly handle containers that have nested cgroups.

That's unlikely to be common place in the k8s world, but in the LXC/LXD world, most containers run systemd which means that most tasks within those containers will belong to a nested cgroup. We want CPU, memory, ... information reported to those processes to match that of the entire container, not just their particular service.

stgraber avatar Aug 19 '22 17:08 stgraber