@@ -86,6 +86,8 @@ type JailerConfig struct {
8686 // CgroupVersion is the version of the cgroup filesystem to use.
8787 CgroupVersion string
8888
89+ CgroupArgs []string
90+
8991 // Stdout specifies the IO writer for STDOUT to use when spawning the jailer.
9092 Stdout io.Writer
9193 // Stderr specifies the IO writer for STDERR to use when spawning the jailer.
@@ -109,6 +111,7 @@ type JailerCommandBuilder struct {
109111 daemonize bool
110112 firecrackerArgs []string
111113 cgroupVersion string
114+ cgroupArgs []string
112115 node * int
113116
114117 stdin io.Reader
@@ -139,6 +142,10 @@ func (b JailerCommandBuilder) Args() []string {
139142 args = append (args , "--gid" , strconv .Itoa (b .gid ))
140143 args = append (args , "--exec-file" , b .execFile )
141144
145+ for _ , cgroupArg := range b .cgroupArgs {
146+ args = append (args , "--cgroup" , cgroupArg )
147+ }
148+
142149 if b .node != nil {
143150 if cpulist := getNumaCpuset (* b .node ); len (cpulist ) > 0 {
144151 args = append (args , "--cgroup" , fmt .Sprintf ("cpuset.mems=%d" , b .node ))
@@ -214,6 +221,11 @@ func (b JailerCommandBuilder) WithNumaNode(node int) JailerCommandBuilder {
214221 return b
215222}
216223
224+ func (b JailerCommandBuilder ) WithCgroupArgs (cgroupArgs ... string ) JailerCommandBuilder {
225+ b .cgroupArgs = cgroupArgs
226+ return b
227+ }
228+
217229// WithChrootBaseDir will set the given path as the chroot base directory. This
218230// specifies where chroot jails are built and defaults to /srv/jailer.
219231func (b JailerCommandBuilder ) WithChrootBaseDir (path string ) JailerCommandBuilder {
@@ -350,6 +362,7 @@ func jail(ctx context.Context, m *Machine, cfg *Config) error {
350362 WithChrootBaseDir (cfg .JailerCfg .ChrootBaseDir ).
351363 WithDaemonize (cfg .JailerCfg .Daemonize ).
352364 WithCgroupVersion (cfg .JailerCfg .CgroupVersion ).
365+ WithCgroupArgs (cfg .JailerCfg .CgroupArgs ... ).
353366 WithFirecrackerArgs (fcArgs ... ).
354367 WithStdout (stdout ).
355368 WithStderr (stderr )
0 commit comments