aboutsummaryrefslogtreecommitdiffstats
path: root/Documentation/cgroups
diff options
context:
space:
mode:
authorMatt Helsley <matthltc@us.ibm.com>2008-10-18 23:27:24 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-10-20 11:52:34 -0400
commitbde5ab65581a63e9f4f4bacfae8f201d04d25bed (patch)
treeb159612b2acc416878a1a80a0aea47f7469163d2 /Documentation/cgroups
parent1aece34833721d64eb33fc15cd923c727296d3d3 (diff)
container freezer: document the cgroup freezer subsystem.
Describe why we need the freezer subsystem and how to use it in a documentation file. Since the cgroups.txt file is focused on the subsystem-agnostic portions of cgroups make a directory and move the old cgroups.txt file at the same time. Signed-off-by: Matt Helsley <matthltc@us.ibm.com> Cc: Paul Menage <menage@google.com> Cc: containers@lists.linux-foundation.org Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'Documentation/cgroups')
-rw-r--r--Documentation/cgroups/cgroups.txt548
-rw-r--r--Documentation/cgroups/freezer-subsystem.txt99
2 files changed, 647 insertions, 0 deletions
diff --git a/Documentation/cgroups/cgroups.txt b/Documentation/cgroups/cgroups.txt
new file mode 100644
index 000000000000..d9014aa0eb68
--- /dev/null
+++ b/Documentation/cgroups/cgroups.txt
@@ -0,0 +1,548 @@
1 CGROUPS
2 -------
3
4Written by Paul Menage <menage@google.com> based on Documentation/cpusets.txt
5
6Original copyright statements from cpusets.txt:
7Portions Copyright (C) 2004 BULL SA.
8Portions Copyright (c) 2004-2006 Silicon Graphics, Inc.
9Modified by Paul Jackson <pj@sgi.com>
10Modified by Christoph Lameter <clameter@sgi.com>
11
12CONTENTS:
13=========
14
151. Control Groups
16 1.1 What are cgroups ?
17 1.2 Why are cgroups needed ?
18 1.3 How are cgroups implemented ?
19 1.4 What does notify_on_release do ?
20 1.5 How do I use cgroups ?
212. Usage Examples and Syntax
22 2.1 Basic Usage
23 2.2 Attaching processes
243. Kernel API
25 3.1 Overview
26 3.2 Synchronization
27 3.3 Subsystem API
284. Questions
29
301. Control Groups
31=================
32
331.1 What are cgroups ?
34----------------------
35
36Control Groups provide a mechanism for aggregating/partitioning sets of
37tasks, and all their future children, into hierarchical groups with
38specialized behaviour.
39
40Definitions:
41
42A *cgroup* associates a set of tasks with a set of parameters for one
43or more subsystems.
44
45A *subsystem* is a module that makes use of the task grouping
46facilities provided by cgroups to treat groups of tasks in
47particular ways. A subsystem is typically a "resource controller" that
48schedules a resource or applies per-cgroup limits, but it may be
49anything that wants to act on a group of processes, e.g. a
50virtualization subsystem.
51
52A *hierarchy* is a set of cgroups arranged in a tree, such that
53every task in the system is in exactly one of the cgroups in the
54hierarchy, and a set of subsystems; each subsystem has system-specific
55state attached to each cgroup in the hierarchy. Each hierarchy has
56an instance of the cgroup virtual filesystem associated with it.
57
58At any one time there may be multiple active hierachies of task
59cgroups. Each hierarchy is a partition of all tasks in the system.
60
61User level code may create and destroy cgroups by name in an
62instance of the cgroup virtual file system, specify and query to
63which cgroup a task is assigned, and list the task pids assigned to
64a cgroup. Those creations and assignments only affect the hierarchy
65associated with that instance of the cgroup file system.
66
67On their own, the only use for cgroups is for simple job
68tracking. The intention is that other subsystems hook into the generic
69cgroup support to provide new attributes for cgroups, such as
70accounting/limiting the resources which processes in a cgroup can
71access. For example, cpusets (see Documentation/cpusets.txt) allows
72you to associate a set of CPUs and a set of memory nodes with the
73tasks in each cgroup.
74
751.2 Why are cgroups needed ?
76----------------------------
77
78There are multiple efforts to provide process aggregations in the
79Linux kernel, mainly for resource tracking purposes. Such efforts
80include cpusets, CKRM/ResGroups, UserBeanCounters, and virtual server
81namespaces. These all require the basic notion of a
82grouping/partitioning of processes, with newly forked processes ending
83in the same group (cgroup) as their parent process.
84
85The kernel cgroup patch provides the minimum essential kernel
86mechanisms required to efficiently implement such groups. It has
87minimal impact on the system fast paths, and provides hooks for
88specific subsystems such as cpusets to provide additional behaviour as
89desired.
90
91Multiple hierarchy support is provided to allow for situations where
92the division of tasks into cgroups is distinctly different for
93different subsystems - having parallel hierarchies allows each
94hierarchy to be a natural division of tasks, without having to handle
95complex combinations of tasks that would be present if several
96unrelated subsystems needed to be forced into the same tree of
97cgroups.
98
99At one extreme, each resource controller or subsystem could be in a
100separate hierarchy; at the other extreme, all subsystems
101would be attached to the same hierarchy.
102
103As an example of a scenario (originally proposed by vatsa@in.ibm.com)
104that can benefit from multiple hierarchies, consider a large
105university server with various users - students, professors, system
106tasks etc. The resource planning for this server could be along the
107following lines:
108
109 CPU : Top cpuset
110 / \
111 CPUSet1 CPUSet2
112 | |
113 (Profs) (Students)
114
115 In addition (system tasks) are attached to topcpuset (so
116 that they can run anywhere) with a limit of 20%
117
118 Memory : Professors (50%), students (30%), system (20%)
119
120 Disk : Prof (50%), students (30%), system (20%)
121
122 Network : WWW browsing (20%), Network File System (60%), others (20%)
123 / \
124 Prof (15%) students (5%)
125
126Browsers like firefox/lynx go into the WWW network class, while (k)nfsd go
127into NFS network class.
128
129At the same time firefox/lynx will share an appropriate CPU/Memory class
130depending on who launched it (prof/student).
131
132With the ability to classify tasks differently for different resources
133(by putting those resource subsystems in different hierarchies) then
134the admin can easily set up a script which receives exec notifications
135and depending on who is launching the browser he can
136
137 # echo browser_pid > /mnt/<restype>/<userclass>/tasks
138
139With only a single hierarchy, he now would potentially have to create
140a separate cgroup for every browser launched and associate it with
141approp network and other resource class. This may lead to
142proliferation of such cgroups.
143
144Also lets say that the administrator would like to give enhanced network
145access temporarily to a student's browser (since it is night and the user
146wants to do online gaming :)) OR give one of the students simulation
147apps enhanced CPU power,
148
149With ability to write pids directly to resource classes, it's just a
150matter of :
151
152 # echo pid > /mnt/network/<new_class>/tasks
153 (after some time)
154 # echo pid > /mnt/network/<orig_class>/tasks
155
156Without this ability, he would have to split the cgroup into
157multiple separate ones and then associate the new cgroups with the
158new resource classes.
159
160
161
1621.3 How are cgroups implemented ?
163---------------------------------
164
165Control Groups extends the kernel as follows:
166
167 - Each task in the system has a reference-counted pointer to a
168 css_set.
169
170 - A css_set contains a set of reference-counted pointers to
171 cgroup_subsys_state objects, one for each cgroup subsystem
172 registered in the system. There is no direct link from a task to
173 the cgroup of which it's a member in each hierarchy, but this
174 can be determined by following pointers through the
175 cgroup_subsys_state objects. This is because accessing the
176 subsystem state is something that's expected to happen frequently
177 and in performance-critical code, whereas operations that require a
178 task's actual cgroup assignments (in particular, moving between
179 cgroups) are less common. A linked list runs through the cg_list
180 field of each task_struct using the css_set, anchored at
181 css_set->tasks.
182
183 - A cgroup hierarchy filesystem can be mounted for browsing and
184 manipulation from user space.
185
186 - You can list all the tasks (by pid) attached to any cgroup.
187
188The implementation of cgroups requires a few, simple hooks
189into the rest of the kernel, none in performance critical paths:
190
191 - in init/main.c, to initialize the root cgroups and initial
192 css_set at system boot.
193
194 - in fork and exit, to attach and detach a task from its css_set.
195
196In addition a new file system, of type "cgroup" may be mounted, to
197enable browsing and modifying the cgroups presently known to the
198kernel. When mounting a cgroup hierarchy, you may specify a
199comma-separated list of subsystems to mount as the filesystem mount
200options. By default, mounting the cgroup filesystem attempts to
201mount a hierarchy containing all registered subsystems.
202
203If an active hierarchy with exactly the same set of subsystems already
204exists, it will be reused for the new mount. If no existing hierarchy
205matches, and any of the requested subsystems are in use in an existing
206hierarchy, the mount will fail with -EBUSY. Otherwise, a new hierarchy
207is activated, associated with the requested subsystems.
208
209It's not currently possible to bind a new subsystem to an active
210cgroup hierarchy, or to unbind a subsystem from an active cgroup
211hierarchy. This may be possible in future, but is fraught with nasty
212error-recovery issues.
213
214When a cgroup filesystem is unmounted, if there are any
215child cgroups created below the top-level cgroup, that hierarchy
216will remain active even though unmounted; if there are no
217child cgroups then the hierarchy will be deactivated.
218
219No new system calls are added for cgroups - all support for
220querying and modifying cgroups is via this cgroup file system.
221
222Each task under /proc has an added file named 'cgroup' displaying,
223for each active hierarchy, the subsystem names and the cgroup name
224as the path relative to the root of the cgroup file system.
225
226Each cgroup is represented by a directory in the cgroup file system
227containing the following files describing that cgroup:
228
229 - tasks: list of tasks (by pid) attached to that cgroup
230 - releasable flag: cgroup currently removeable?
231 - notify_on_release flag: run the release agent on exit?
232 - release_agent: the path to use for release notifications (this file
233 exists in the top cgroup only)
234
235Other subsystems such as cpusets may add additional files in each
236cgroup dir.
237
238New cgroups are created using the mkdir system call or shell
239command. The properties of a cgroup, such as its flags, are
240modified by writing to the appropriate file in that cgroups
241directory, as listed above.
242
243The named hierarchical structure of nested cgroups allows partitioning
244a large system into nested, dynamically changeable, "soft-partitions".
245
246The attachment of each task, automatically inherited at fork by any
247children of that task, to a cgroup allows organizing the work load
248on a system into related sets of tasks. A task may be re-attached to
249any other cgroup, if allowed by the permissions on the necessary
250cgroup file system directories.
251
252When a task is moved from one cgroup to another, it gets a new
253css_set pointer - if there's an already existing css_set with the
254desired collection of cgroups then that group is reused, else a new
255css_set is allocated. Note that the current implementation uses a
256linear search to locate an appropriate existing css_set, so isn't
257very efficient. A future version will use a hash table for better
258performance.
259
260To allow access from a cgroup to the css_sets (and hence tasks)
261that comprise it, a set of cg_cgroup_link objects form a lattice;
262each cg_cgroup_link is linked into a list of cg_cgroup_links for
263a single cgroup on its cgrp_link_list field, and a list of
264cg_cgroup_links for a single css_set on its cg_link_list.
265
266Thus the set of tasks in a cgroup can be listed by iterating over
267each css_set that references the cgroup, and sub-iterating over
268each css_set's task set.
269
270The use of a Linux virtual file system (vfs) to represent the
271cgroup hierarchy provides for a familiar permission and name space
272for cgroups, with a minimum of additional kernel code.
273
2741.4 What does notify_on_release do ?
275------------------------------------
276
277If the notify_on_release flag is enabled (1) in a cgroup, then
278whenever the last task in the cgroup leaves (exits or attaches to
279some other cgroup) and the last child cgroup of that cgroup
280is removed, then the kernel runs the command specified by the contents
281of the "release_agent" file in that hierarchy's root directory,
282supplying the pathname (relative to the mount point of the cgroup
283file system) of the abandoned cgroup. This enables automatic
284removal of abandoned cgroups. The default value of
285notify_on_release in the root cgroup at system boot is disabled
286(0). The default value of other cgroups at creation is the current
287value of their parents notify_on_release setting. The default value of
288a cgroup hierarchy's release_agent path is empty.
289
2901.5 How do I use cgroups ?
291--------------------------
292
293To start a new job that is to be contained within a cgroup, using
294the "cpuset" cgroup subsystem, the steps are something like:
295
296 1) mkdir /dev/cgroup
297 2) mount -t cgroup -ocpuset cpuset /dev/cgroup
298 3) Create the new cgroup by doing mkdir's and write's (or echo's) in
299 the /dev/cgroup virtual file system.
300 4) Start a task that will be the "founding father" of the new job.
301 5) Attach that task to the new cgroup by writing its pid to the
302 /dev/cgroup tasks file for that cgroup.
303 6) fork, exec or clone the job tasks from this founding father task.
304
305For example, the following sequence of commands will setup a cgroup
306named "Charlie", containing just CPUs 2 and 3, and Memory Node 1,
307and then start a subshell 'sh' in that cgroup:
308
309 mount -t cgroup cpuset -ocpuset /dev/cgroup
310 cd /dev/cgroup
311 mkdir Charlie
312 cd Charlie
313 /bin/echo 2-3 > cpuset.cpus
314 /bin/echo 1 > cpuset.mems
315 /bin/echo $$ > tasks
316 sh
317 # The subshell 'sh' is now running in cgroup Charlie
318 # The next line should display '/Charlie'
319 cat /proc/self/cgroup
320
3212. Usage Examples and Syntax
322============================
323
3242.1 Basic Usage
325---------------
326
327Creating, modifying, using the cgroups can be done through the cgroup
328virtual filesystem.
329
330To mount a cgroup hierarchy will all available subsystems, type:
331# mount -t cgroup xxx /dev/cgroup
332
333The "xxx" is not interpreted by the cgroup code, but will appear in
334/proc/mounts so may be any useful identifying string that you like.
335
336To mount a cgroup hierarchy with just the cpuset and numtasks
337subsystems, type:
338# mount -t cgroup -o cpuset,numtasks hier1 /dev/cgroup
339
340To change the set of subsystems bound to a mounted hierarchy, just
341remount with different options:
342
343# mount -o remount,cpuset,ns /dev/cgroup
344
345Note that changing the set of subsystems is currently only supported
346when the hierarchy consists of a single (root) cgroup. Supporting
347the ability to arbitrarily bind/unbind subsystems from an existing
348cgroup hierarchy is intended to be implemented in the future.
349
350Then under /dev/cgroup you can find a tree that corresponds to the
351tree of the cgroups in the system. For instance, /dev/cgroup
352is the cgroup that holds the whole system.
353
354If you want to create a new cgroup under /dev/cgroup:
355# cd /dev/cgroup
356# mkdir my_cgroup
357
358Now you want to do something with this cgroup.
359# cd my_cgroup
360
361In this directory you can find several files:
362# ls
363notify_on_release releasable tasks
364(plus whatever files added by the attached subsystems)
365
366Now attach your shell to this cgroup:
367# /bin/echo $$ > tasks
368
369You can also create cgroups inside your cgroup by using mkdir in this
370directory.
371# mkdir my_sub_cs
372
373To remove a cgroup, just use rmdir:
374# rmdir my_sub_cs
375
376This will fail if the cgroup is in use (has cgroups inside, or
377has processes attached, or is held alive by other subsystem-specific
378reference).
379
3802.2 Attaching processes
381-----------------------
382
383# /bin/echo PID > tasks
384
385Note that it is PID, not PIDs. You can only attach ONE task at a time.
386If you have several tasks to attach, you have to do it one after another:
387
388# /bin/echo PID1 > tasks
389# /bin/echo PID2 > tasks
390 ...
391# /bin/echo PIDn > tasks
392
393You can attach the current shell task by echoing 0:
394
395# echo 0 > tasks
396
3973. Kernel API
398=============
399
4003.1 Overview
401------------
402
403Each kernel subsystem that wants to hook into the generic cgroup
404system needs to create a cgroup_subsys object. This contains
405various methods, which are callbacks from the cgroup system, along
406with a subsystem id which will be assigned by the cgroup system.
407
408Other fields in the cgroup_subsys object include:
409
410- subsys_id: a unique array index for the subsystem, indicating which
411 entry in cgroup->subsys[] this subsystem should be managing.
412
413- name: should be initialized to a unique subsystem name. Should be
414 no longer than MAX_CGROUP_TYPE_NAMELEN.
415
416- early_init: indicate if the subsystem needs early initialization
417 at system boot.
418
419Each cgroup object created by the system has an array of pointers,
420indexed by subsystem id; this pointer is entirely managed by the
421subsystem; the generic cgroup code will never touch this pointer.
422
4233.2 Synchronization
424-------------------
425
426There is a global mutex, cgroup_mutex, used by the cgroup
427system. This should be taken by anything that wants to modify a
428cgroup. It may also be taken to prevent cgroups from being
429modified, but more specific locks may be more appropriate in that
430situation.
431
432See kernel/cgroup.c for more details.
433
434Subsystems can take/release the cgroup_mutex via the functions
435cgroup_lock()/cgroup_unlock().
436
437Accessing a task's cgroup pointer may be done in the following ways:
438- while holding cgroup_mutex
439- while holding the task's alloc_lock (via task_lock())
440- inside an rcu_read_lock() section via rcu_dereference()
441
4423.3 Subsystem API
443-----------------
444
445Each subsystem should:
446
447- add an entry in linux/cgroup_subsys.h
448- define a cgroup_subsys object called <name>_subsys
449
450Each subsystem may export the following methods. The only mandatory
451methods are create/destroy. Any others that are null are presumed to
452be successful no-ops.
453
454struct cgroup_subsys_state *create(struct cgroup_subsys *ss,
455 struct cgroup *cgrp)
456(cgroup_mutex held by caller)
457
458Called to create a subsystem state object for a cgroup. The
459subsystem should allocate its subsystem state object for the passed
460cgroup, returning a pointer to the new object on success or a
461negative error code. On success, the subsystem pointer should point to
462a structure of type cgroup_subsys_state (typically embedded in a
463larger subsystem-specific object), which will be initialized by the
464cgroup system. Note that this will be called at initialization to
465create the root subsystem state for this subsystem; this case can be
466identified by the passed cgroup object having a NULL parent (since
467it's the root of the hierarchy) and may be an appropriate place for
468initialization code.
469
470void destroy(struct cgroup_subsys *ss, struct cgroup *cgrp)
471(cgroup_mutex held by caller)
472
473The cgroup system is about to destroy the passed cgroup; the subsystem
474should do any necessary cleanup and free its subsystem state
475object. By the time this method is called, the cgroup has already been
476unlinked from the file system and from the child list of its parent;
477cgroup->parent is still valid. (Note - can also be called for a
478newly-created cgroup if an error occurs after this subsystem's
479create() method has been called for the new cgroup).
480
481void pre_destroy(struct cgroup_subsys *ss, struct cgroup *cgrp);
482(cgroup_mutex held by caller)
483
484Called before checking the reference count on each subsystem. This may
485be useful for subsystems which have some extra references even if
486there are not tasks in the cgroup.
487
488int can_attach(struct cgroup_subsys *ss, struct cgroup *cgrp,
489 struct task_struct *task)
490(cgroup_mutex held by caller)
491
492Called prior to moving a task into a cgroup; if the subsystem
493returns an error, this will abort the attach operation. If a NULL
494task is passed, then a successful result indicates that *any*
495unspecified task can be moved into the cgroup. Note that this isn't
496called on a fork. If this method returns 0 (success) then this should
497remain valid while the caller holds cgroup_mutex.
498
499void attach(struct cgroup_subsys *ss, struct cgroup *cgrp,
500 struct cgroup *old_cgrp, struct task_struct *task)
501
502Called after the task has been attached to the cgroup, to allow any
503post-attachment activity that requires memory allocations or blocking.
504
505void fork(struct cgroup_subsy *ss, struct task_struct *task)
506
507Called when a task is forked into a cgroup.
508
509void exit(struct cgroup_subsys *ss, struct task_struct *task)
510
511Called during task exit.
512
513int populate(struct cgroup_subsys *ss, struct cgroup *cgrp)
514
515Called after creation of a cgroup to allow a subsystem to populate
516the cgroup directory with file entries. The subsystem should make
517calls to cgroup_add_file() with objects of type cftype (see
518include/linux/cgroup.h for details). Note that although this
519method can return an error code, the error code is currently not
520always handled well.
521
522void post_clone(struct cgroup_subsys *ss, struct cgroup *cgrp)
523
524Called at the end of cgroup_clone() to do any paramater
525initialization which might be required before a task could attach. For
526example in cpusets, no task may attach before 'cpus' and 'mems' are set
527up.
528
529void bind(struct cgroup_subsys *ss, struct cgroup *root)
530(cgroup_mutex held by caller)
531
532Called when a cgroup subsystem is rebound to a different hierarchy
533and root cgroup. Currently this will only involve movement between
534the default hierarchy (which never has sub-cgroups) and a hierarchy
535that is being created/destroyed (and hence has no sub-cgroups).
536
5374. Questions
538============
539
540Q: what's up with this '/bin/echo' ?
541A: bash's builtin 'echo' command does not check calls to write() against
542 errors. If you use it in the cgroup file system, you won't be
543 able to tell whether a command succeeded or failed.
544
545Q: When I attach processes, only the first of the line gets really attached !
546A: We can only return one error code per call to write(). So you should also
547 put only ONE pid.
548
diff --git a/Documentation/cgroups/freezer-subsystem.txt b/Documentation/cgroups/freezer-subsystem.txt
new file mode 100644
index 000000000000..c50ab58b72eb
--- /dev/null
+++ b/Documentation/cgroups/freezer-subsystem.txt
@@ -0,0 +1,99 @@
1 The cgroup freezer is useful to batch job management system which start
2and stop sets of tasks in order to schedule the resources of a machine
3according to the desires of a system administrator. This sort of program
4is often used on HPC clusters to schedule access to the cluster as a
5whole. The cgroup freezer uses cgroups to describe the set of tasks to
6be started/stopped by the batch job management system. It also provides
7a means to start and stop the tasks composing the job.
8
9 The cgroup freezer will also be useful for checkpointing running groups
10of tasks. The freezer allows the checkpoint code to obtain a consistent
11image of the tasks by attempting to force the tasks in a cgroup into a
12quiescent state. Once the tasks are quiescent another task can
13walk /proc or invoke a kernel interface to gather information about the
14quiesced tasks. Checkpointed tasks can be restarted later should a
15recoverable error occur. This also allows the checkpointed tasks to be
16migrated between nodes in a cluster by copying the gathered information
17to another node and restarting the tasks there.
18
19 Sequences of SIGSTOP and SIGCONT are not always sufficient for stopping
20and resuming tasks in userspace. Both of these signals are observable
21from within the tasks we wish to freeze. While SIGSTOP cannot be caught,
22blocked, or ignored it can be seen by waiting or ptracing parent tasks.
23SIGCONT is especially unsuitable since it can be caught by the task. Any
24programs designed to watch for SIGSTOP and SIGCONT could be broken by
25attempting to use SIGSTOP and SIGCONT to stop and resume tasks. We can
26demonstrate this problem using nested bash shells:
27
28 $ echo $$
29 16644
30 $ bash
31 $ echo $$
32 16690
33
34 From a second, unrelated bash shell:
35 $ kill -SIGSTOP 16690
36 $ kill -SIGCONT 16990
37
38 <at this point 16990 exits and causes 16644 to exit too>
39
40 This happens because bash can observe both signals and choose how it
41responds to them.
42
43 Another example of a program which catches and responds to these
44signals is gdb. In fact any program designed to use ptrace is likely to
45have a problem with this method of stopping and resuming tasks.
46
47 In contrast, the cgroup freezer uses the kernel freezer code to
48prevent the freeze/unfreeze cycle from becoming visible to the tasks
49being frozen. This allows the bash example above and gdb to run as
50expected.
51
52 The freezer subsystem in the container filesystem defines a file named
53freezer.state. Writing "FROZEN" to the state file will freeze all tasks in the
54cgroup. Subsequently writing "THAWED" will unfreeze the tasks in the cgroup.
55Reading will return the current state.
56
57* Examples of usage :
58
59 # mkdir /containers/freezer
60 # mount -t cgroup -ofreezer freezer /containers
61 # mkdir /containers/0
62 # echo $some_pid > /containers/0/tasks
63
64to get status of the freezer subsystem :
65
66 # cat /containers/0/freezer.state
67 THAWED
68
69to freeze all tasks in the container :
70
71 # echo FROZEN > /containers/0/freezer.state
72 # cat /containers/0/freezer.state
73 FREEZING
74 # cat /containers/0/freezer.state
75 FROZEN
76
77to unfreeze all tasks in the container :
78
79 # echo THAWED > /containers/0/freezer.state
80 # cat /containers/0/freezer.state
81 THAWED
82
83This is the basic mechanism which should do the right thing for user space task
84in a simple scenario.
85
86It's important to note that freezing can be incomplete. In that case we return
87EBUSY. This means that some tasks in the cgroup are busy doing something that
88prevents us from completely freezing the cgroup at this time. After EBUSY,
89the cgroup will remain partially frozen -- reflected by freezer.state reporting
90"FREEZING" when read. The state will remain "FREEZING" until one of these
91things happens:
92
93 1) Userspace cancels the freezing operation by writing "THAWED" to
94 the freezer.state file
95 2) Userspace retries the freezing operation by writing "FROZEN" to
96 the freezer.state file (writing "FREEZING" is not legal
97 and returns EIO)
98 3) The tasks that blocked the cgroup from entering the "FROZEN"
99 state disappear from the cgroup's set of tasks.