feat(api): Add blkio cgroup tuning via --blkio flag#1595
Open
chrisgeo wants to merge 4 commits into
Open
Conversation
chrisgeo
commented
May 24, 2026
chrisgeo
commented
May 24, 2026
chrisgeo
commented
May 24, 2026
Two changes addressing review feedback from apple/containerization#739 and apple#1512 (comment): 1. Adopt the new `Containerization.LinuxBlockIO` wrapper added in containerization PR apple#739 (pin advanced to 3d009df). The wire format in `ContainerConfiguration.Resources.blockIO` stays as the Codable `ContainerizationOCI.LinuxBlockIO`; `RuntimeService.configureContainer` converts to the wrapper at the boundary via the new `toContainerizationBlockIO` helper. 2. Replace the six separate `--blkio-*` / `--device-*` flags with a single repeatable `--blkio` flag using key=value[,key=value] syntax, per apple#1512 (comment): --blkio weight=500 --blkio device=/dev/sda,weight=700,leaf-weight=300 --blkio device=/dev/sda,read-bps=1048576,write-bps=1048576 --blkio device=/dev/sda,read-iops=1000,write-iops=1000 Device values accept either an absolute host path (resolved via stat(2)) or a literal `<major>:<minor>`. Parser rejects unknown keys, conflicting global weights, and global-only keys appearing on device-less specs. Tests cover the combined spec, major:minor literal, invalid-weight, unknown-key, and global-only-on-device-spec error paths.
chrisgeo
force-pushed
the
feat/chaos-1380-blkio-flags
branch
from
2921cd9 to
8265a51
Compare
jglogan
requested changes
May 27, 2026
…imeData Addresses jglogan review feedback on PR apple#1595: 1. Move `blockIO` field out of the cross-platform `ContainerConfiguration.Resources` and into the Linux-specific `LinuxRuntimeData`. The CLI now encodes `LinuxRuntimeData(blockIO: …)` into the opaque `RuntimeConfiguration.runtimeData` field, and the Linux runtime decodes it inside `configureContainer` before applying the OCI `LinuxBlockIO` to `czConfig.blockIO`. Keeps OS-specific options out of the generic container config type. 2. Move the `--blkio` flag from `Flags.Resource` to `Flags.Management` and simplify its help to a single line pointing at the command reference, in the spirit of the existing generic options pattern. The structured key=value parsing/validation in `Parser.blockIO` is unchanged. 3. `Parser.resources` no longer takes `blkio`; `Parser.blockIO` stays public and is now invoked by `ContainerRun` / `ContainerCreate` directly. Tests rewritten to exercise `Parser.blockIO` directly. `swift build` clean; `swift test --filter ParserTest` 105 tests pass, `RuntimeConfiguration` tests pass, `container run --help` shows `--blkio` under MANAGEMENT OPTIONS. Deferred (per PR body): Package.swift / Package.resolved still pin containerization to apple/containerization#739's branch because that upstream PR is still open. Those will revert to apple/containerization at merge time, once apple#739 lands.
Contributor
Author
|
Pushed 1.
|
The branch pin to full-chaos/containerization@feat/chaos-1380-blkio-runtime was a temporary measure while apple/containerization#739 was in flight. Revert to the upstream pin so this PR can be merged independently of apple#739. Note: the runtime plumbing in RuntimeService.swift still references Containerization.LinuxBlockIO and czConfig.blockIO, which only exist on the apple#739 branch. The build will be temporarily broken until apple#739 lands upstream and the pin is bumped to whatever release contains it.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Type of Change
Motivation and Context
Closes #1512.
Use case
Docker Compose exposes block-I/O tuning through
service.blkio_config(weights, weight-per-device, and read/write bps/iops throttles). Compose
translators such as container-compose can parse the field today, but they
must warn-skip it on
apple/containerbecause there is no runtime flagsurface for it —
blkio_config:silently degrades into an unconfiguredcontainer. This PR adds the missing surface so:
service.blkio_configstraight through tocontainer run/container createwithout dropping fields.build steps, log shippers sharing a host disk) can apply BFQ-style
weights and per-device throttles directly from the CLI, matching the
docker run --blkio-weight*/--device-{read,write}-{bps,iops}ergonomics they already know.
blockIOconfig flows through the runtime data path so afuture
podman-style translator or higher-level orchestrator gets thesame plumbing for free.
CLI shape
Per the grouped, repeatable
key=valueform proposed in#1512 (comment) (lives under
MANAGEMENT OPTIONS, notRESOURCE OPTIONS, to keep the resource help wall short):device=accepts an absolute host path (resolved viastat(2)formajor/minor) or a literal
<major>:<minor>. Per-device keys:weight,leaf-weight,read-bps,write-bps,read-iops,write-iops. Globalkeys (no
device=):weight,leaf-weight. The parser rejects unknownkeys, conflicting global weights, and global-only keys mixed onto
device-less specs.
Runtime plumbing
To keep OS-specific options out of the cross-platform container config,
blockIOis carried as opaque runtime data, not onContainerConfiguration.Resources:ContainerRun/ContainerCreate) callsParser.blockIO(specs:),wraps the result in
LinuxRuntimeData(blockIO:), JSON-encodes it, andpasses it as
runtimeDatatoContainerClient.create.RuntimeService.bootstrapreadsRuntimeConfiguration.runtimeDatafrom disk and threads it into
configureContainer, which decodesLinuxRuntimeDataand appliesczConfig.blockIO(aContainerization.LinuxBlockIO, theSendablewrapper around the OCItype).
Dependency
Depends on apple/containerization#739, which introduces
Containerization.LinuxBlockIOand wires it intoLinuxContainer.Configuration. While #739 is unmerged this branch pinscontainerizationto its branch(
full-chaos/containerization@feat/chaos-1380-blkio-runtime,revision
3d009df). Before merge, the pin moves back toapple/containerizationat whatever revision lands #739.Testing
swift buildclean,swift test --filter ParserTestpasses(105 tests, 5 new) — tests call
Parser.blockIOdirectly now that thefield is no longer on
Resources:testResourcesBlockIOFlags— combined global + per-device + throttletestResourcesBlockIOAcceptsMajorMinorLiteral—device=8:0literaltestResourcesRejectsInvalidBlockIOWeight— weight outside 10..1000testResourcesRejectsUnknownBlockIOKey— typo detectiontestResourcesRejectsGlobalKeyOnDeviceSpec—read-bpswithoutdevice=RuntimeConfigurationTestspass (runtime-data round-trip).container run --helpconfirmed renders the new--blkioflag underMANAGEMENT OPTIONS.