diff options
| author | Daniel Mack <daniel@zonque.org> | 2016-02-10 15:44:01 +0100 |
|---|---|---|
| committer | Daniel Mack <daniel@zonque.org> | 2016-02-10 16:38:56 +0100 |
| commit | 50f48ad37aad99c54de4db34b07c3825cdedcf41 (patch) | |
| tree | c0a07c9391acf5d1aa9968cd9e25eda9eab58785 /NEWS | |
| parent | 16a798deb3b560f8b27848fe292a76b362c0b581 (diff) | |
cgroup: remove support for NetClass= directive
Support for net_cls.class_id through the NetClass= configuration directive
has been added in v227 in preparation for a per-unit packet filter mechanism.
However, it turns out the kernel people have decided to deprecate the net_cls
and net_prio controllers in v2. Tejun provides a comprehensive justification
for this in his commit, which has landed during the merge window for kernel
v4.5:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd1060a1d671
As we're aiming for full support for the v2 cgroup hierarchy, we can no
longer support this feature. Userspace tool such as nftables are moving over
to setting rules that are specific to the full cgroup path of a task, which
obsoletes these controllers anyway.
This commit removes support for tweaking details in the net_cls controller,
but keeps the NetClass= directive around for legacy compatibility reasons.
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 11 |
1 files changed, 11 insertions, 0 deletions
@@ -97,6 +97,17 @@ CHANGES WITH 229: initrd, this part of the logic remains in timesyncd, and is not done by PID 1. + * Support for tweaking details in net_cls.class_id through the + NetClass= configuration directive has been removed, as the kernel + people have decided to deprecate that controller in cgroup v2. + Userspace tools such as nftables are moving over to setting rules + that are specific to the full cgroup path of a task, which obsoletes + these controllers anyway. The NetClass= directive is kept around for + legacy compatibility reasons. For a more in-depth description of the + kernel change, please refer to the respective upstream commit: + + https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd1060a1d671 + * A new service setting RuntimeMaxSec= has been added that may be used to specify a maximum runtime for a service. If the timeout is hit, the service is terminated and put into a failure state. |