hak5
/
openwrt
mirror of https://github.com/hak5/openwrt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Config.in: update options for cgroups and namespaces 

Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 36539
lede-17.01
Luka Perkov 2013-05-03 15:16:49 +00:00
parent 02d4ea2774
commit f54a6df1e1
1 changed files with 263 additions and 130 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

393
Config.in
View File

@ -304,148 +304,281 @@ menu "Global build settings"
# CGROUP support symbols # CGROUP support symbols
# #
config KERNEL_FREEZER
bool
default y if KERNEL_CGROUP_FREEZER
depends on KERNEL_CGROUPS
config KERNEL_CGROUP_FREEZER
bool
depends on KERNEL_CGROUPS
config KERNEL_CGROUP_DEVICE
bool
depends on KERNEL_CGROUPS
config KERNEL_CPUSETS
bool
default y if KERNEL_CGROUP_CPUACCT
depends on KERNEL_CGROUPS
config KERNEL_PROC_PID_CPUSET
bool
default y if KERNEL_CGROUP_CPUACCT
depends on KERNEL_CGROUPS
config KERNEL_CGROUP_CPUACCT
bool
depends on KERNEL_CGROUPS
config KERNEL_RESOURCE_COUNTERS
bool
default y if KERNEL_CGROUP_MEM_RES_CTLR
depends on KERNEL_CGROUPS
config KERNEL_CGROUP_MEM_RES_CTLR
bool
depends on KERNEL_CGROUPS
config KERNEL_CGROUP_MEM_RES_CTLR_SWAP
bool
depends on KERNEL_CGROUPS
config KERNEL_CGROUP_MEM_RES_CTLR_SWAP_ENABLED
bool
depends on KERNEL_CGROUPS
config KERNEL_CGROUP_MEM_RES_CTLR_KMEM
bool
depends on KERNEL_CGROUPS
config KERNEL_CGROUP_PERF
bool
depends on KERNEL_CGROUPS
config KERNEL_CFS_BANDWIDTH
bool
default y if KERNEL_FAIR_GROUP_SCHED
depends on KERNEL_CGROUP_SCHED
config KERNEL_FAIR_GROUP_SCHED
bool
default y if KERNEL_CGROUP_SCHED
depends on KERNEL_CGROUP_SCHED
config KERNEL_RT_GROUP_SCHED
bool
default y if KERNEL_CGROUP_SCHED
depends on KERNEL_CGROUP_SCHED
config KERNEL_CGROUP_SCHED
bool
depends on KERNEL_CGROUPS
config KERNEL_NET_CLS_CGROUP
bool
depends on KERNEL_CGROUPS
config KERNEL_NETPRIO_CGROUP
bool
depends on KERNEL_CGROUPS
config KERNEL_BLK_CGROUP
bool
depends on KERNEL_CGROUPS
config KERNEL_DEBUG_BLK_CGROUP
bool
default n if KERNEL_CGROUPS
depends on KERNEL_CGROUPS
config KERNEL_CGROUPS config KERNEL_CGROUPS
bool "Enable kernel cgroups" bool "Enable kernel cgroups"
default n default n
select KERNEL_CGROUP_FREEZER
select KERNEL_CGROUP_DEVICE if KERNEL_CGROUPS
select KERNEL_CGROUP_CPUACCT
select KERNEL_CGROUP_MEM_RES_CTLR config KERNEL_CGROUP_DEBUG
select KERNEL_CGROUP_MEM_RES_CTLR_SWAP bool "Example debug cgroup subsystem"
select KERNEL_CGROUP_MEM_RES_CTLR_SWAP_ENABLED default n
select KERNEL_CGROUP_MEM_RES_CTLR_KMEM help
select KERNEL_CGROUP_PERF This option enables a simple cgroup subsystem that
select KERNEL_CGROUP_SCHED exports useful debugging information about the cgroups
select KERNEL_NET_CLS_CGROUP framework.
select KERNEL_NETPRIO_CGROUP
select KERNEL_BLK_CGROUP config KERNEL_FREEZER
bool
default y if KERNEL_CGROUP_FREEZER
config KERNEL_CGROUP_FREEZER
bool "Freezer cgroup subsystem"
default n
help
Provides a way to freeze and unfreeze all tasks in a
cgroup.
config KERNEL_CGROUP_DEVICE
bool "Device controller for cgroups"
default y
help
Provides a cgroup implementing whitelists for devices which
a process in the cgroup can mknod or open.
config KERNEL_CPUSETS
bool "Cpuset support"
default n
help
This option will let you create and manage CPUSETs which
allow dynamically partitioning a system into sets of CPUs and
Memory Nodes and assigning tasks to run only within those sets.
This is primarily useful on large SMP or NUMA systems.
config KERNEL_PROC_PID_CPUSET
bool "Include legacy /proc/<pid>/cpuset file"
default n
depends on KERNEL_CPUSETS
config KERNEL_CGROUP_CPUACCT
bool "Simple CPU accounting cgroup subsystem"
default n
help
Provides a simple Resource Controller for monitoring the
total CPU consumed by the tasks in a cgroup.
config KERNEL_RESOURCE_COUNTERS
bool "Resource counters"
default n
help
This option enables controller independent resource accounting
infrastructure that works with cgroups.
config KERNEL_MM_OWNER
bool
default y if KERNEL_MEMCG
config KERNEL_MEMCG
bool "Memory Resource Controller for Control Groups"
default n
depends on KERNEL_RESOURCE_COUNTERS
help
Provides a memory resource controller that manages both anonymous
memory and page cache. (See Documentation/cgroups/memory.txt)
Note that setting this option increases fixed memory overhead
associated with each page of memory in the system. By this,
20(40)bytes/PAGE_SIZE on 32(64)bit system will be occupied by memory
usage tracking struct at boot. Total amount of this is printed out
at boot.
Only enable when you're ok with these trade offs and really
sure you need the memory resource controller. Even when you enable
this, you can set "cgroup_disable=memory" at your boot option to
disable memory resource controller and you can avoid overheads.
(and lose benefits of memory resource controller)
This config option also selects MM_OWNER config option, which
could in turn add some fork/exit overhead.
config KERNEL_MEMCG_SWAP
bool "Memory Resource Controller Swap Extension"
default n
depends on KERNEL_MEMCG
help
Add swap management feature to memory resource controller. When you
enable this, you can limit mem+swap usage per cgroup. In other words,
when you disable this, memory resource controller has no cares to
usage of swap...a process can exhaust all of the swap. This extension
is useful when you want to avoid exhaustion swap but this itself
adds more overheads and consumes memory for remembering information.
Especially if you use 32bit system or small memory system, please
be careful about enabling this. When memory resource controller
is disabled by boot option, this will be automatically disabled and
there will be no overhead from this. Even when you set this config=y,
if boot option "swapaccount=0" is set, swap will not be accounted.
Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
size is 4096bytes, 512k per 1Gbytes of swap.
config KERNEL_MEMCG_SWAP_ENABLED
bool "Memory Resource Controller Swap Extension enabled by default"
default n
depends on KERNEL_MEMCG_SWAP
help
Memory Resource Controller Swap Extension comes with its price in
a bigger memory consumption. General purpose distribution kernels
which want to enable the feature but keep it disabled by default
and let the user enable it by swapaccount boot command line
parameter should have this option unselected.
For those who want to have the feature enabled by default should
select this option (if, for some reason, they need to disable it
then swapaccount=0 does the trick).
config KERNEL_MEMCG_KMEM
bool "Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)"
default n
depends on KERNEL_MEMCG
help
The Kernel Memory extension for Memory Resource Controller can limit
the amount of memory used by kernel objects in the system. Those are
fundamentally different from the entities handled by the standard
Memory Controller, which are page-based, and can be swapped. Users of
the kmem extension can use it to guarantee that no group of processes
will ever exhaust kernel resources alone.
config KERNEL_PERF_EVENTS
bool
default y if KERNEL_CGROUP_PERF
config KERNEL_CGROUP_PERF
bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
default n
help
This option extends the per-cpu mode to restrict monitoring to
threads which belong to the cgroup specified and run on the
designated cpu.
menuconfig KERNEL_CGROUP_SCHED
bool "Group CPU scheduler"
default n
help
This feature lets CPU scheduler recognize task groups and control CPU
bandwidth allocation to such task groups. It uses cgroups to group
tasks.
if KERNEL_CGROUP_SCHED
config KERNEL_FAIR_GROUP_SCHED
bool "Group scheduling for SCHED_OTHER"
default n
config KERNEL_CFS_BANDWIDTH
bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
default n
depends on KERNEL_FAIR_GROUP_SCHED
help
This option allows users to define CPU bandwidth rates (limits) for
tasks running within the fair group scheduler. Groups with no limit
set are considered to be unconstrained and will run with no
restriction.
See tip/Documentation/scheduler/sched-bwc.txt for more information.
config KERNEL_RT_GROUP_SCHED
bool "Group scheduling for SCHED_RR/FIFO"
default n
help
This feature lets you explicitly allocate real CPU bandwidth
to task groups. If enabled, it will also make it impossible to
schedule realtime tasks for non-root users until you allocate
realtime bandwidth for them.
endif
config KERNEL_BLK_CGROUP
bool "Block IO controller"
default y
help
Generic block IO controller cgroup interface. This is the common
cgroup interface which should be used by various IO controlling
policies.
Currently, CFQ IO scheduler uses it to recognize task groups and
control disk bandwidth allocation (proportional time slice allocation)
to such task groups. It is also used by bio throttling logic in
block layer to implement upper limit in IO rates on a device.
This option only enables generic Block IO controller infrastructure.
One needs to also enable actual IO controlling logic/policy. For
enabling proportional weight division of disk bandwidth in CFQ, set
CONFIG_CFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
CONFIG_BLK_DEV_THROTTLING=y.
config KERNEL_DEBUG_BLK_CGROUP
bool "Enable Block IO controller debugging"
default n
depends on KERNEL_BLK_CGROUP
help
Enable some debugging help. Currently it exports additional stat
files in a cgroup which can be useful for debugging.
config KERNEL_NET_CLS_CGROUP
bool "Control Group Classifier"
default y
config KERNEL_NETPRIO_CGROUP
bool "Network priority cgroup"
default y
endif
# #
# Namespace support symbols # Namespace support symbols
# #
config KERNEL_UTS_NS
bool
depends on KERNEL_NAMESPACES
config KERNEL_IPC_NS
bool
depends on KERNEL_NAMESPACES
config KERNEL_USER_NS
bool
depends on KERNEL_NAMESPACES
config KERNEL_PID_NS
bool
depends on KERNEL_NAMESPACES
config KERNEL_NET_NS
bool
depends on KERNEL_NAMESPACES
config KERNEL_DEVPTS_MULTIPLE_INSTANCES
bool
depends on KERNEL_NAMESPACES
config KERNEL_NAMESPACES config KERNEL_NAMESPACES
bool "Enable kernel namespaces" bool "Enable kernel namespaces"
default n default n
select KERNEL_UTS_NS
select KERNEL_IPC_NS
select KERNEL_USER_NS
select KERNEL_PID_NS
select KERNEL_NET_NS
select KERNEL_DEVPTS_MULTIPLE_INSTANCES
if KERNEL_NAMESPACES
config KERNEL_UTS_NS
bool "UTS namespace"
default y
help
In this namespace tasks see different info provided
with the uname() system call
config KERNEL_IPC_NS
bool "IPC namespace"
default y
help
In this namespace tasks work with IPC ids which correspond to
different IPC objects in different namespaces.
config KERNEL_USER_NS
bool "User namespace (EXPERIMENTAL)"
default y
help
This allows containers, i.e. vservers, to use user namespaces
to provide different user info for different servers.
config KERNEL_PID_NS
bool "PID Namespaces"
default y
help
Support process id namespaces. This allows having multiple
processes with the same pid as long as they are in different
pid namespaces. This is a building block of containers.
config KERNEL_NET_NS
bool "Network namespace"
default y
help
Allow user space to create what appear to be multiple instances
of the network stack.
config KERNEL_DEVPTS_MULTIPLE_INSTANCES
bool "Support multiple instances of devpts"
default y
help
Enable support for multiple instances of devpts filesystem.
If you want to have isolated PTY namespaces (eg: in containers),
say Y here. Otherwise, say N. If enabled, each mount of devpts
filesystem with the '-o newinstance' option will create an
independent PTY namespace.
endif
comment "Package build options" comment "Package build options"