
Linux cgroups v2 - rodionos
https://github.com/torvalds/linux/blob/master/Documentation/cgroup-v2.txt
======
webaholic
How is it different from v1? Why was v2 necessary?

~~~
rodionos
It's actually a substantial re-write. They got rid of multiple hierarchies, in
other words a process can now belong to only one cgroup. Threads cannot belong
to cgroups different from their parent anymore.

v1 was okay given that slicing the system into partitions was rarely needed
outside of VPS service provider use cases. Then container goldrush happened
and user applications started using cgroups in earnest exposing some design
shortcomings, or rather excessive flexibility.

~~~
cyphar
As someone who maintains a container runtime (runC) I don't really agree with
the statement that v1 had too much flexibility. Sometimes you want to have
different resource pools for different resources. That's a useful feature. And
while I understand the reasoning of the no internal process constraints,
there's just some issues there that just make life annoying (you have to
create two subtrees if you actually just wanted to make one). The reason some
of these constraints and requirements came about is (IMO) because of bugs in
cgroup controllers and the maintainers of the controllers didn't want to fix
the bugs (for example, the CPU controller would weight processes in an
internal node differently to processes in leaf nodes).

However, the fact that you can only have one hierarchy is a good thing (it
makes container setup much nicer). Too bad that systemd will probably assume
that it should own the root hierarchy (which will probably result in countless
conflicts with container runtimes that don't buy into nspawn).

