From 8a9eeae972fa46f61e035804f3199b4b676b32e7 Mon Sep 17 00:00:00 2001 From: mii Date: Wed, 30 Oct 2024 11:53:13 +0900 Subject: [PATCH] add pids.max --- src/bin/izoli.rs | 5 +++-- src/cgroup/cgroup.rs | 21 +++++++++++++++++++++ src/cgroup/cgroup_option.rs | 1 + 3 files changed, 25 insertions(+), 2 deletions(-) diff --git a/src/bin/izoli.rs b/src/bin/izoli.rs index 3fcb99c..7d1c1fa 100644 --- a/src/bin/izoli.rs +++ b/src/bin/izoli.rs @@ -29,10 +29,11 @@ fn main() { max: CGroupLimitValue::Max, period: 100000, }), - memory_max: Some(CGroupLimitValue::Value(1024 * 1024 * 2)), + memory_max: Some(CGroupLimitValue::Value(1024 * 1024 * 1024)), + pids_max: Some(CGroupLimitValue::Value(3)), ..Default::default() }), - new_net: true, + new_net: false, }, ); diff --git a/src/cgroup/cgroup.rs b/src/cgroup/cgroup.rs index 0a99316..c15ac2b 100644 --- a/src/cgroup/cgroup.rs +++ b/src/cgroup/cgroup.rs @@ -58,6 +58,11 @@ impl CGroup { self.set_memory_max(memory_max)?; } + if let Some(pids_max) = &option.pids_max { + info!("setting pids.max"); + self.set_pids_max(pids_max)?; + } + Ok(()) } @@ -228,6 +233,22 @@ impl CGroup { self.write("memory.max", &to_write) } + // pids read + + pub fn get_pids_max(&self) -> Result, std::io::Error> { + let max = self.read("pids.max")?; + + Ok(CGroupLimitValue::from_str(&max).unwrap()) + } + + // pids write + + pub fn set_pids_max(&self, pids_limit: &CGroupLimitValue) -> Result<(), std::io::Error> { + let to_write = pids_limit.to_string(); + + self.write("pids.max", &to_write) + } + fn write_value(&self, name: &str, value: T) -> Result<(), std::io::Error> where T: fmt::Display, diff --git a/src/cgroup/cgroup_option.rs b/src/cgroup/cgroup_option.rs index e33631a..666944c 100644 --- a/src/cgroup/cgroup_option.rs +++ b/src/cgroup/cgroup_option.rs @@ -4,4 +4,5 @@ use super::{cpu_limit::CpuLimit, limit_value::CGroupLimitValue}; pub struct CGroupOption { pub cpu_max: Option, pub memory_max: Option>, + pub pids_max: Option>, }