mirror of https://github.com/hak5/openwrt-owl.git
Config.in: update options for cgroups and namespaces
Signed-off-by: Luka Perkov <luka@openwrt.org> SVN-Revision: 36539owl
parent
02d4ea2774
commit
f54a6df1e1
393
Config.in
393
Config.in
|
@ -304,148 +304,281 @@ menu "Global build settings"
|
|||
# CGROUP support symbols
|
||||
#
|
||||
|
||||
config KERNEL_FREEZER
|
||||
bool
|
||||
default y if KERNEL_CGROUP_FREEZER
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_FREEZER
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_DEVICE
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CPUSETS
|
||||
bool
|
||||
default y if KERNEL_CGROUP_CPUACCT
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_PROC_PID_CPUSET
|
||||
bool
|
||||
default y if KERNEL_CGROUP_CPUACCT
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_CPUACCT
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_RESOURCE_COUNTERS
|
||||
bool
|
||||
default y if KERNEL_CGROUP_MEM_RES_CTLR
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_MEM_RES_CTLR
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_MEM_RES_CTLR_SWAP
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_MEM_RES_CTLR_SWAP_ENABLED
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_MEM_RES_CTLR_KMEM
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_PERF
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CFS_BANDWIDTH
|
||||
bool
|
||||
default y if KERNEL_FAIR_GROUP_SCHED
|
||||
depends on KERNEL_CGROUP_SCHED
|
||||
|
||||
config KERNEL_FAIR_GROUP_SCHED
|
||||
bool
|
||||
default y if KERNEL_CGROUP_SCHED
|
||||
depends on KERNEL_CGROUP_SCHED
|
||||
|
||||
config KERNEL_RT_GROUP_SCHED
|
||||
bool
|
||||
default y if KERNEL_CGROUP_SCHED
|
||||
depends on KERNEL_CGROUP_SCHED
|
||||
|
||||
config KERNEL_CGROUP_SCHED
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_NET_CLS_CGROUP
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_NETPRIO_CGROUP
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_BLK_CGROUP
|
||||
bool
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_DEBUG_BLK_CGROUP
|
||||
bool
|
||||
default n if KERNEL_CGROUPS
|
||||
depends on KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUPS
|
||||
bool "Enable kernel cgroups"
|
||||
default n
|
||||
select KERNEL_CGROUP_FREEZER
|
||||
select KERNEL_CGROUP_DEVICE
|
||||
select KERNEL_CGROUP_CPUACCT
|
||||
select KERNEL_CGROUP_MEM_RES_CTLR
|
||||
select KERNEL_CGROUP_MEM_RES_CTLR_SWAP
|
||||
select KERNEL_CGROUP_MEM_RES_CTLR_SWAP_ENABLED
|
||||
select KERNEL_CGROUP_MEM_RES_CTLR_KMEM
|
||||
select KERNEL_CGROUP_PERF
|
||||
select KERNEL_CGROUP_SCHED
|
||||
select KERNEL_NET_CLS_CGROUP
|
||||
select KERNEL_NETPRIO_CGROUP
|
||||
select KERNEL_BLK_CGROUP
|
||||
|
||||
if KERNEL_CGROUPS
|
||||
|
||||
config KERNEL_CGROUP_DEBUG
|
||||
bool "Example debug cgroup subsystem"
|
||||
default n
|
||||
help
|
||||
This option enables a simple cgroup subsystem that
|
||||
exports useful debugging information about the cgroups
|
||||
framework.
|
||||
|
||||
config KERNEL_FREEZER
|
||||
bool
|
||||
default y if KERNEL_CGROUP_FREEZER
|
||||
|
||||
config KERNEL_CGROUP_FREEZER
|
||||
bool "Freezer cgroup subsystem"
|
||||
default n
|
||||
help
|
||||
Provides a way to freeze and unfreeze all tasks in a
|
||||
cgroup.
|
||||
|
||||
config KERNEL_CGROUP_DEVICE
|
||||
bool "Device controller for cgroups"
|
||||
default y
|
||||
help
|
||||
Provides a cgroup implementing whitelists for devices which
|
||||
a process in the cgroup can mknod or open.
|
||||
|
||||
config KERNEL_CPUSETS
|
||||
bool "Cpuset support"
|
||||
default n
|
||||
help
|
||||
This option will let you create and manage CPUSETs which
|
||||
allow dynamically partitioning a system into sets of CPUs and
|
||||
Memory Nodes and assigning tasks to run only within those sets.
|
||||
This is primarily useful on large SMP or NUMA systems.
|
||||
|
||||
config KERNEL_PROC_PID_CPUSET
|
||||
bool "Include legacy /proc/<pid>/cpuset file"
|
||||
default n
|
||||
depends on KERNEL_CPUSETS
|
||||
|
||||
config KERNEL_CGROUP_CPUACCT
|
||||
bool "Simple CPU accounting cgroup subsystem"
|
||||
default n
|
||||
help
|
||||
Provides a simple Resource Controller for monitoring the
|
||||
total CPU consumed by the tasks in a cgroup.
|
||||
|
||||
config KERNEL_RESOURCE_COUNTERS
|
||||
bool "Resource counters"
|
||||
default n
|
||||
help
|
||||
This option enables controller independent resource accounting
|
||||
infrastructure that works with cgroups.
|
||||
|
||||
config KERNEL_MM_OWNER
|
||||
bool
|
||||
default y if KERNEL_MEMCG
|
||||
|
||||
config KERNEL_MEMCG
|
||||
bool "Memory Resource Controller for Control Groups"
|
||||
default n
|
||||
depends on KERNEL_RESOURCE_COUNTERS
|
||||
help
|
||||
Provides a memory resource controller that manages both anonymous
|
||||
memory and page cache. (See Documentation/cgroups/memory.txt)
|
||||
|
||||
Note that setting this option increases fixed memory overhead
|
||||
associated with each page of memory in the system. By this,
|
||||
20(40)bytes/PAGE_SIZE on 32(64)bit system will be occupied by memory
|
||||
usage tracking struct at boot. Total amount of this is printed out
|
||||
at boot.
|
||||
|
||||
Only enable when you're ok with these trade offs and really
|
||||
sure you need the memory resource controller. Even when you enable
|
||||
this, you can set "cgroup_disable=memory" at your boot option to
|
||||
disable memory resource controller and you can avoid overheads.
|
||||
(and lose benefits of memory resource controller)
|
||||
|
||||
This config option also selects MM_OWNER config option, which
|
||||
could in turn add some fork/exit overhead.
|
||||
|
||||
config KERNEL_MEMCG_SWAP
|
||||
bool "Memory Resource Controller Swap Extension"
|
||||
default n
|
||||
depends on KERNEL_MEMCG
|
||||
help
|
||||
Add swap management feature to memory resource controller. When you
|
||||
enable this, you can limit mem+swap usage per cgroup. In other words,
|
||||
when you disable this, memory resource controller has no cares to
|
||||
usage of swap...a process can exhaust all of the swap. This extension
|
||||
is useful when you want to avoid exhaustion swap but this itself
|
||||
adds more overheads and consumes memory for remembering information.
|
||||
Especially if you use 32bit system or small memory system, please
|
||||
be careful about enabling this. When memory resource controller
|
||||
is disabled by boot option, this will be automatically disabled and
|
||||
there will be no overhead from this. Even when you set this config=y,
|
||||
if boot option "swapaccount=0" is set, swap will not be accounted.
|
||||
Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
|
||||
size is 4096bytes, 512k per 1Gbytes of swap.
|
||||
|
||||
config KERNEL_MEMCG_SWAP_ENABLED
|
||||
bool "Memory Resource Controller Swap Extension enabled by default"
|
||||
default n
|
||||
depends on KERNEL_MEMCG_SWAP
|
||||
help
|
||||
Memory Resource Controller Swap Extension comes with its price in
|
||||
a bigger memory consumption. General purpose distribution kernels
|
||||
which want to enable the feature but keep it disabled by default
|
||||
and let the user enable it by swapaccount boot command line
|
||||
parameter should have this option unselected.
|
||||
For those who want to have the feature enabled by default should
|
||||
select this option (if, for some reason, they need to disable it
|
||||
then swapaccount=0 does the trick).
|
||||
|
||||
|
||||
config KERNEL_MEMCG_KMEM
|
||||
bool "Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)"
|
||||
default n
|
||||
depends on KERNEL_MEMCG
|
||||
help
|
||||
The Kernel Memory extension for Memory Resource Controller can limit
|
||||
the amount of memory used by kernel objects in the system. Those are
|
||||
fundamentally different from the entities handled by the standard
|
||||
Memory Controller, which are page-based, and can be swapped. Users of
|
||||
the kmem extension can use it to guarantee that no group of processes
|
||||
will ever exhaust kernel resources alone.
|
||||
|
||||
config KERNEL_PERF_EVENTS
|
||||
bool
|
||||
default y if KERNEL_CGROUP_PERF
|
||||
|
||||
config KERNEL_CGROUP_PERF
|
||||
bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
|
||||
default n
|
||||
help
|
||||
This option extends the per-cpu mode to restrict monitoring to
|
||||
threads which belong to the cgroup specified and run on the
|
||||
designated cpu.
|
||||
|
||||
menuconfig KERNEL_CGROUP_SCHED
|
||||
bool "Group CPU scheduler"
|
||||
default n
|
||||
help
|
||||
This feature lets CPU scheduler recognize task groups and control CPU
|
||||
bandwidth allocation to such task groups. It uses cgroups to group
|
||||
tasks.
|
||||
|
||||
if KERNEL_CGROUP_SCHED
|
||||
|
||||
config KERNEL_FAIR_GROUP_SCHED
|
||||
bool "Group scheduling for SCHED_OTHER"
|
||||
default n
|
||||
|
||||
config KERNEL_CFS_BANDWIDTH
|
||||
bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
|
||||
default n
|
||||
depends on KERNEL_FAIR_GROUP_SCHED
|
||||
help
|
||||
This option allows users to define CPU bandwidth rates (limits) for
|
||||
tasks running within the fair group scheduler. Groups with no limit
|
||||
set are considered to be unconstrained and will run with no
|
||||
restriction.
|
||||
See tip/Documentation/scheduler/sched-bwc.txt for more information.
|
||||
|
||||
config KERNEL_RT_GROUP_SCHED
|
||||
bool "Group scheduling for SCHED_RR/FIFO"
|
||||
default n
|
||||
help
|
||||
This feature lets you explicitly allocate real CPU bandwidth
|
||||
to task groups. If enabled, it will also make it impossible to
|
||||
schedule realtime tasks for non-root users until you allocate
|
||||
realtime bandwidth for them.
|
||||
|
||||
endif
|
||||
|
||||
config KERNEL_BLK_CGROUP
|
||||
bool "Block IO controller"
|
||||
default y
|
||||
help
|
||||
Generic block IO controller cgroup interface. This is the common
|
||||
cgroup interface which should be used by various IO controlling
|
||||
policies.
|
||||
|
||||
Currently, CFQ IO scheduler uses it to recognize task groups and
|
||||
control disk bandwidth allocation (proportional time slice allocation)
|
||||
to such task groups. It is also used by bio throttling logic in
|
||||
block layer to implement upper limit in IO rates on a device.
|
||||
|
||||
This option only enables generic Block IO controller infrastructure.
|
||||
One needs to also enable actual IO controlling logic/policy. For
|
||||
enabling proportional weight division of disk bandwidth in CFQ, set
|
||||
CONFIG_CFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
|
||||
CONFIG_BLK_DEV_THROTTLING=y.
|
||||
|
||||
config KERNEL_DEBUG_BLK_CGROUP
|
||||
bool "Enable Block IO controller debugging"
|
||||
default n
|
||||
depends on KERNEL_BLK_CGROUP
|
||||
help
|
||||
Enable some debugging help. Currently it exports additional stat
|
||||
files in a cgroup which can be useful for debugging.
|
||||
|
||||
config KERNEL_NET_CLS_CGROUP
|
||||
bool "Control Group Classifier"
|
||||
default y
|
||||
|
||||
config KERNEL_NETPRIO_CGROUP
|
||||
bool "Network priority cgroup"
|
||||
default y
|
||||
|
||||
endif
|
||||
|
||||
#
|
||||
# Namespace support symbols
|
||||
#
|
||||
|
||||
config KERNEL_UTS_NS
|
||||
bool
|
||||
depends on KERNEL_NAMESPACES
|
||||
|
||||
config KERNEL_IPC_NS
|
||||
bool
|
||||
depends on KERNEL_NAMESPACES
|
||||
|
||||
config KERNEL_USER_NS
|
||||
bool
|
||||
depends on KERNEL_NAMESPACES
|
||||
|
||||
config KERNEL_PID_NS
|
||||
bool
|
||||
depends on KERNEL_NAMESPACES
|
||||
|
||||
config KERNEL_NET_NS
|
||||
bool
|
||||
depends on KERNEL_NAMESPACES
|
||||
|
||||
config KERNEL_DEVPTS_MULTIPLE_INSTANCES
|
||||
bool
|
||||
depends on KERNEL_NAMESPACES
|
||||
|
||||
config KERNEL_NAMESPACES
|
||||
bool "Enable kernel namespaces"
|
||||
default n
|
||||
select KERNEL_UTS_NS
|
||||
select KERNEL_IPC_NS
|
||||
select KERNEL_USER_NS
|
||||
select KERNEL_PID_NS
|
||||
select KERNEL_NET_NS
|
||||
select KERNEL_DEVPTS_MULTIPLE_INSTANCES
|
||||
|
||||
if KERNEL_NAMESPACES
|
||||
|
||||
config KERNEL_UTS_NS
|
||||
bool "UTS namespace"
|
||||
default y
|
||||
help
|
||||
In this namespace tasks see different info provided
|
||||
with the uname() system call
|
||||
|
||||
config KERNEL_IPC_NS
|
||||
bool "IPC namespace"
|
||||
default y
|
||||
help
|
||||
In this namespace tasks work with IPC ids which correspond to
|
||||
different IPC objects in different namespaces.
|
||||
|
||||
config KERNEL_USER_NS
|
||||
bool "User namespace (EXPERIMENTAL)"
|
||||
default y
|
||||
help
|
||||
This allows containers, i.e. vservers, to use user namespaces
|
||||
to provide different user info for different servers.
|
||||
|
||||
config KERNEL_PID_NS
|
||||
bool "PID Namespaces"
|
||||
default y
|
||||
help
|
||||
Support process id namespaces. This allows having multiple
|
||||
processes with the same pid as long as they are in different
|
||||
pid namespaces. This is a building block of containers.
|
||||
|
||||
config KERNEL_NET_NS
|
||||
bool "Network namespace"
|
||||
default y
|
||||
help
|
||||
Allow user space to create what appear to be multiple instances
|
||||
of the network stack.
|
||||
|
||||
config KERNEL_DEVPTS_MULTIPLE_INSTANCES
|
||||
bool "Support multiple instances of devpts"
|
||||
default y
|
||||
help
|
||||
Enable support for multiple instances of devpts filesystem.
|
||||
If you want to have isolated PTY namespaces (eg: in containers),
|
||||
say Y here. Otherwise, say N. If enabled, each mount of devpts
|
||||
filesystem with the '-o newinstance' option will create an
|
||||
independent PTY namespace.
|
||||
|
||||
endif
|
||||
|
||||
comment "Package build options"
|
||||
|
||||
|
|
Loading…
Reference in New Issue