add jailer support for parent-cgroup argument (#638)

Signed-off-by: JooYoung Park <[email protected]>

Author: JooyoungPark73

jailer.go

@@ -89,6 +89,11 @@ type JailerConfig struct {
 	// formatted like <cgroup_file>=<value>, like "cpu.shares=10"
 	CgroupArgs []string
 
+	// ParentCgroup is the parent cgroup for the jailer. By specifying this
+	// parameter, the jailer will create a new cgroup named id for the
+	// microvm in the <cgroup_base>/<parent_cgroup> subfolder.
+	ParentCgroup string
+
 	// Stdout specifies the IO writer for STDOUT to use when spawning the jailer.
 	Stdout io.Writer
 	// Stderr specifies the IO writer for STDERR to use when spawning the jailer.
@@ -114,6 +119,7 @@ type JailerCommandBuilder struct {
 	firecrackerArgs []string
 	cgroupVersion   string
 	cgroupArgs      []string
+	parentCgroup    string
 
 	stdin  io.Reader
 	stdout io.Writer
@@ -156,6 +162,10 @@ func (b JailerCommandBuilder) Args() []string {
 		args = append(args, "--cgroup-version", b.cgroupVersion)
 	}
 
+	if len(b.parentCgroup) > 0 {
+		args = append(args, "--parent-cgroup", b.parentCgroup)
+	}
+
 	if len(b.chrootBaseDir) > 0 {
 		args = append(args, "--chroot-base-dir", b.chrootBaseDir)
 	}
@@ -237,6 +247,12 @@ func (b JailerCommandBuilder) WithCgroupArgs(cgroupArgs ...string) JailerCommand
 	return b
 }
 
+// WithParentCgroup will set the parent cgroup for the jailer.
+func (b JailerCommandBuilder) WithParentCgroup(parentCgroup string) JailerCommandBuilder {
+	b.parentCgroup = parentCgroup
+	return b
+}
+
 // WithChrootBaseDir will set the given path as the chroot base directory. This
 // specifies where chroot jails are built and defaults to /srv/jailer.
 func (b JailerCommandBuilder) WithChrootBaseDir(path string) JailerCommandBuilder {
@@ -375,6 +391,7 @@ func jail(ctx context.Context, m *Machine, cfg *Config) error {
 		WithDaemonize(cfg.JailerCfg.Daemonize).
 		WithCgroupVersion(cfg.JailerCfg.CgroupVersion).
 		WithCgroupArgs(cfg.JailerCfg.CgroupArgs...).
+		WithParentCgroup(cfg.JailerCfg.ParentCgroup).
 		WithFirecrackerArgs(fcArgs...).
 		WithStdout(stdout).
 		WithStderr(stderr)

jailer_test.go

@@ -109,6 +109,7 @@ func TestJailerBuilder(t *testing.T) {
 				ChrootBaseDir:  "/tmp",
 				JailerBinary:   "/path/to/the/jailer",
 				CgroupVersion:  "2",
+				ParentCgroup:   "/path/to/parent-cgroup",
 			},
 			expectedArgs: []string{
 				"/path/to/the/jailer",
@@ -128,6 +129,8 @@ func TestJailerBuilder(t *testing.T) {
 				"cpu.shares=10",
 				"--cgroup-version",
 				"2",
+				"--parent-cgroup",
+				"/path/to/parent-cgroup",
 				"--chroot-base-dir",
 				"/tmp",
 				"--netns",
@@ -151,6 +154,7 @@ func TestJailerBuilder(t *testing.T) {
 				WithNumaNode(IntValue(c.jailerCfg.NumaNode)).
 				WithCgroupArgs(c.jailerCfg.CgroupArgs...).
 				WithCgroupVersion(c.jailerCfg.CgroupVersion).
+				WithParentCgroup(c.jailerCfg.ParentCgroup).
 				WithExecFile(c.jailerCfg.ExecFile)
 
 			if len(c.jailerCfg.JailerBinary) > 0 {
@@ -274,6 +278,7 @@ func TestJail(t *testing.T) {
 				ChrootBaseDir:  "/tmp",
 				JailerBinary:   "/path/to/the/jailer",
 				CgroupVersion:  "2",
+				ParentCgroup:   "/path/to/parent-cgroup",
 			},
 			expectedArgs: []string{
 				"/path/to/the/jailer",
@@ -291,6 +296,8 @@ func TestJail(t *testing.T) {
 				fmt.Sprintf("cpuset.cpus=%s", getNumaCpuset(0)),
 				"--cgroup-version",
 				"2",
+				"--parent-cgroup",
+				"/path/to/parent-cgroup",
 				"--chroot-base-dir",
 				"/tmp",
 				"--netns",