Skip to content

Commit 21f0dea

Browse files
committed
chore(docs): deprecate --start-time-cpu-us parameter
The jailer passes an option to Firecracker `--start-time-cpu-us` with the start time of the CPU timer. Firecracker substracts that from its own CPU time to calculate how much CPU time it spends during process startup. The value the jailer passes is always 0, so we can just use the Firecracker value. In any case this value was only supposed to be used within the Firecracker CI and not meant to be used by end customers. Signed-off-by: Pablo Barbáchano <[email protected]>
1 parent b546bc5 commit 21f0dea

File tree

6 files changed

+43
-49
lines changed

6 files changed

+43
-49
lines changed

CHANGELOG.md

+8
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,14 @@ and this project adheres to
3636
handler. Each memory region object now contains a `page_size_kib` field. See
3737
also the [hugepages documentation](docs/hugepages.md).
3838

39+
### Deprecated
40+
41+
- Firecracker's `--start-time-cpu-us` parameter is deprecated and will be
42+
removed in v2.0 or later. It is used by the jailer to pass the value that
43+
should be subtracted from the CPU time, but in practice it is always 0. The
44+
parameter was never meant to be used by end customers, and we recommend doing
45+
any such time adjustments outside Firecracker.
46+
3947
### Fixed
4048

4149
- [#4409](https://github.com/firecracker-microvm/firecracker/pull/4409): Fixed a

docs/jailer.md

+4-6
Original file line numberDiff line numberDiff line change
@@ -144,10 +144,9 @@ After starting, the Jailer goes through the following operations:
144144
inside `<exec_file_name>.pid`, while the child drops privileges and `exec()`s
145145
into the `<exec_file_name>`, as described below.
146146
- Drop privileges via setting the provided `uid` and `gid`.
147-
- Exec into
148-
`<exec_file_name> --id=<id> --start-time-us=<opaque> --start-time-cpu-us=<opaque>`
149-
(and also forward any extra arguments provided to the jailer after `--`, as
150-
mentioned in the **Jailer Usage** section), where:
147+
- Exec into `<exec_file_name> --id=<id> --start-time-us=<opaque>` (and also
148+
forward any extra arguments provided to the jailer after `--`, as mentioned in
149+
the **Jailer Usage** section), where:
151150
- `id`: (`string`) - The `id` argument provided to jailer.
152151
- `opaque`: (`number`) time calculated by the jailer that it spent doing its
153152
work.
@@ -243,8 +242,7 @@ Finally, the jailer switches the `uid` to `123`, and `gid` to `100`, and execs
243242
```console
244243
./firecracker \
245244
--id="551e7604-e35c-42b3-b825-416853441234" \
246-
--start-time-us=<opaque> \
247-
--start-time-cpu-us=<opaque>
245+
--start-time-us=<opaque>
248246
```
249247

250248
Now firecracker creates the socket at

src/firecracker/src/main.rs

+2-1
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ use utils::terminal::Terminal;
2222
use utils::validators::validate_instance_id;
2323
use vmm::builder::StartMicrovmError;
2424
use vmm::logger::{
25-
debug, error, info, LoggerConfig, ProcessTimeReporter, StoreMetric, LOGGER, METRICS,
25+
debug, error, info, warn, LoggerConfig, ProcessTimeReporter, StoreMetric, LOGGER, METRICS,
2626
};
2727
use vmm::persist::SNAPSHOT_VERSION;
2828
use vmm::resources::VmResources;
@@ -397,6 +397,7 @@ fn main_exec() -> Result<(), MainError> {
397397
});
398398

399399
let start_time_cpu_us = arguments.single_value("start-time-cpu-us").map(|s| {
400+
warn!("The --start-time-cpu-us argument is deprecated");
400401
s.parse::<u64>()
401402
.expect("'start-time-cpu-us' parameter expected to be of 'u64' type.")
402403
});

src/jailer/src/env.rs

+22-32
Original file line numberDiff line numberDiff line change
@@ -125,7 +125,6 @@ pub struct Env {
125125
daemonize: bool,
126126
new_pid_ns: bool,
127127
start_time_us: u64,
128-
start_time_cpu_us: u64,
129128
jailer_cpu_time_us: u64,
130129
extra_args: Vec<String>,
131130
cgroups: Vec<Box<dyn Cgroup>>,
@@ -161,11 +160,7 @@ impl fmt::Debug for Env {
161160
}
162161

163162
impl Env {
164-
pub fn new(
165-
arguments: &arg_parser::Arguments,
166-
start_time_us: u64,
167-
start_time_cpu_us: u64,
168-
) -> Result<Self, JailerError> {
163+
pub fn new(arguments: &arg_parser::Arguments, start_time_us: u64) -> Result<Self, JailerError> {
169164
// Unwraps should not fail because the arguments are mandatory arguments or with default
170165
// values.
171166
let id = arguments
@@ -290,7 +285,6 @@ impl Env {
290285
daemonize,
291286
new_pid_ns,
292287
start_time_us,
293-
start_time_cpu_us,
294288
jailer_cpu_time_us: 0,
295289
extra_args: arguments.extra_args(),
296290
cgroups,
@@ -502,7 +496,6 @@ impl Env {
502496
Command::new(chroot_exec_file)
503497
.args(["--id", &self.id])
504498
.args(["--start-time-us", &self.start_time_us.to_string()])
505-
.args(["--start-time-cpu-us", &self.start_time_cpu_us.to_string()])
506499
.args(["--parent-cpu-time-us", &self.jailer_cpu_time_us.to_string()])
507500
.stdin(Stdio::inherit())
508501
.stdout(Stdio::inherit())
@@ -730,10 +723,7 @@ impl Env {
730723
}
731724

732725
// Compute jailer's total CPU time up to the current time.
733-
self.jailer_cpu_time_us +=
734-
utils::time::get_time_us(utils::time::ClockType::ProcessCpu) - self.start_time_cpu_us;
735-
// Reset process start time.
736-
self.start_time_cpu_us = 0;
726+
self.jailer_cpu_time_us += utils::time::get_time_us(utils::time::ClockType::ProcessCpu);
737727

738728
// If specified, exec the provided binary into a new PID namespace.
739729
if self.new_pid_ns {
@@ -858,7 +848,7 @@ mod tests {
858848
let arg_parser = build_arg_parser();
859849
let mut args = arg_parser.arguments().clone();
860850
args.parse(&make_args(&ArgVals::new())).unwrap();
861-
Env::new(&args, 0, 0).unwrap()
851+
Env::new(&args, 0).unwrap()
862852
}
863853

864854
#[test]
@@ -872,7 +862,7 @@ mod tests {
872862
args.parse(&make_args(&good_arg_vals)).unwrap();
873863
// This should be fine.
874864
let good_env =
875-
Env::new(&args, 0, 0).expect("This new environment should be created successfully.");
865+
Env::new(&args, 0).expect("This new environment should be created successfully.");
876866

877867
let mut chroot_dir = PathBuf::from(good_arg_vals.chroot_base);
878868
chroot_dir.push(Path::new(good_arg_vals.exec_file).file_name().unwrap());
@@ -897,7 +887,7 @@ mod tests {
897887
let arg_parser = build_arg_parser();
898888
args = arg_parser.arguments().clone();
899889
args.parse(&make_args(&another_good_arg_vals)).unwrap();
900-
let another_good_env = Env::new(&args, 0, 0)
890+
let another_good_env = Env::new(&args, 0)
901891
.expect("This another new environment should be created successfully.");
902892
assert!(!another_good_env.daemonize);
903893
assert!(!another_good_env.new_pid_ns);
@@ -915,7 +905,7 @@ mod tests {
915905
let arg_parser = build_arg_parser();
916906
args = arg_parser.arguments().clone();
917907
args.parse(&make_args(&invalid_cgroup_arg_vals)).unwrap();
918-
Env::new(&args, 0, 0).unwrap_err();
908+
Env::new(&args, 0).unwrap_err();
919909

920910
let invalid_res_limit_arg_vals = ArgVals {
921911
resource_limits: vec!["zzz"],
@@ -925,7 +915,7 @@ mod tests {
925915
let arg_parser = build_arg_parser();
926916
args = arg_parser.arguments().clone();
927917
args.parse(&make_args(&invalid_res_limit_arg_vals)).unwrap();
928-
Env::new(&args, 0, 0).unwrap_err();
918+
Env::new(&args, 0).unwrap_err();
929919

930920
let invalid_id_arg_vals = ArgVals {
931921
id: "/ad./sa12",
@@ -935,7 +925,7 @@ mod tests {
935925
let arg_parser = build_arg_parser();
936926
args = arg_parser.arguments().clone();
937927
args.parse(&make_args(&invalid_id_arg_vals)).unwrap();
938-
Env::new(&args, 0, 0).unwrap_err();
928+
Env::new(&args, 0).unwrap_err();
939929

940930
let inexistent_exec_file_arg_vals = ArgVals {
941931
exec_file: "/this!/file!/should!/not!/exist!/",
@@ -946,7 +936,7 @@ mod tests {
946936
args = arg_parser.arguments().clone();
947937
args.parse(&make_args(&inexistent_exec_file_arg_vals))
948938
.unwrap();
949-
Env::new(&args, 0, 0).unwrap_err();
939+
Env::new(&args, 0).unwrap_err();
950940

951941
let invalid_uid_arg_vals = ArgVals {
952942
uid: "zzz",
@@ -956,7 +946,7 @@ mod tests {
956946
let arg_parser = build_arg_parser();
957947
args = arg_parser.arguments().clone();
958948
args.parse(&make_args(&invalid_uid_arg_vals)).unwrap();
959-
Env::new(&args, 0, 0).unwrap_err();
949+
Env::new(&args, 0).unwrap_err();
960950

961951
let invalid_gid_arg_vals = ArgVals {
962952
gid: "zzz",
@@ -966,7 +956,7 @@ mod tests {
966956
let arg_parser = build_arg_parser();
967957
args = arg_parser.arguments().clone();
968958
args.parse(&make_args(&invalid_gid_arg_vals)).unwrap();
969-
Env::new(&args, 0, 0).unwrap_err();
959+
Env::new(&args, 0).unwrap_err();
970960

971961
let invalid_parent_cg_vals = ArgVals {
972962
parent_cgroup: Some("/root"),
@@ -976,7 +966,7 @@ mod tests {
976966
let arg_parser = build_arg_parser();
977967
args = arg_parser.arguments().clone();
978968
args.parse(&make_args(&invalid_parent_cg_vals)).unwrap();
979-
Env::new(&args, 0, 0).unwrap_err();
969+
Env::new(&args, 0).unwrap_err();
980970

981971
let invalid_controller_pt = ArgVals {
982972
cgroups: vec!["../file_name=1", "./root=1", "/home=1"],
@@ -985,7 +975,7 @@ mod tests {
985975
let arg_parser = build_arg_parser();
986976
args = arg_parser.arguments().clone();
987977
args.parse(&make_args(&invalid_controller_pt)).unwrap();
988-
Env::new(&args, 0, 0).unwrap_err();
978+
Env::new(&args, 0).unwrap_err();
989979

990980
let invalid_format = ArgVals {
991981
cgroups: vec!["./root/", "../root"],
@@ -994,7 +984,7 @@ mod tests {
994984
let arg_parser = build_arg_parser();
995985
args = arg_parser.arguments().clone();
996986
args.parse(&make_args(&invalid_format)).unwrap();
997-
Env::new(&args, 0, 0).unwrap_err();
987+
Env::new(&args, 0).unwrap_err();
998988

999989
// The chroot-base-dir param is not validated by Env::new, but rather in run, when we
1000990
// actually attempt to create the folder structure (the same goes for netns).
@@ -1196,7 +1186,7 @@ mod tests {
11961186
};
11971187
fs::write(exec_file_path, "some_content").unwrap();
11981188
args.parse(&make_args(&some_arg_vals)).unwrap();
1199-
let mut env = Env::new(&args, 0, 0).unwrap();
1189+
let mut env = Env::new(&args, 0).unwrap();
12001190

12011191
// Create the required chroot dir hierarchy.
12021192
fs::create_dir_all(env.chroot_dir()).expect("Could not create dir hierarchy.");
@@ -1258,7 +1248,7 @@ mod tests {
12581248
..good_arg_vals.clone()
12591249
};
12601250
args.parse(&make_args(&invalid_cgroup_arg_vals)).unwrap();
1261-
Env::new(&args, 0, 0).unwrap_err();
1251+
Env::new(&args, 0).unwrap_err();
12621252

12631253
// Check empty string
12641254
let mut args = arg_parser.arguments().clone();
@@ -1267,7 +1257,7 @@ mod tests {
12671257
..good_arg_vals.clone()
12681258
};
12691259
args.parse(&make_args(&invalid_cgroup_arg_vals)).unwrap();
1270-
Env::new(&args, 0, 0).unwrap_err();
1260+
Env::new(&args, 0).unwrap_err();
12711261

12721262
// Check valid file empty value
12731263
let mut args = arg_parser.arguments().clone();
@@ -1276,7 +1266,7 @@ mod tests {
12761266
..good_arg_vals.clone()
12771267
};
12781268
args.parse(&make_args(&invalid_cgroup_arg_vals)).unwrap();
1279-
Env::new(&args, 0, 0).unwrap_err();
1269+
Env::new(&args, 0).unwrap_err();
12801270

12811271
// Check valid file no value
12821272
let mut args = arg_parser.arguments().clone();
@@ -1285,7 +1275,7 @@ mod tests {
12851275
..good_arg_vals.clone()
12861276
};
12871277
args.parse(&make_args(&invalid_cgroup_arg_vals)).unwrap();
1288-
Env::new(&args, 0, 0).unwrap_err();
1278+
Env::new(&args, 0).unwrap_err();
12891279

12901280
// Cases that should succeed
12911281

@@ -1296,7 +1286,7 @@ mod tests {
12961286
..good_arg_vals.clone()
12971287
};
12981288
args.parse(&make_args(&invalid_cgroup_arg_vals)).unwrap();
1299-
Env::new(&args, 0, 0).unwrap();
1289+
Env::new(&args, 0).unwrap();
13001290

13011291
// Check valid case
13021292
let mut args = arg_parser.arguments().clone();
@@ -1305,7 +1295,7 @@ mod tests {
13051295
..good_arg_vals.clone()
13061296
};
13071297
args.parse(&make_args(&invalid_cgroup_arg_vals)).unwrap();
1308-
Env::new(&args, 0, 0).unwrap();
1298+
Env::new(&args, 0).unwrap();
13091299

13101300
// Check file with multiple "."
13111301
let mut args = arg_parser.arguments().clone();
@@ -1314,7 +1304,7 @@ mod tests {
13141304
..good_arg_vals.clone()
13151305
};
13161306
args.parse(&make_args(&invalid_cgroup_arg_vals)).unwrap();
1317-
Env::new(&args, 0, 0).unwrap();
1307+
Env::new(&args, 0).unwrap();
13181308
}
13191309

13201310
#[test]

src/jailer/src/main.rs

-1
Original file line numberDiff line numberDiff line change
@@ -369,7 +369,6 @@ fn main_exec() -> Result<(), JailerError> {
369369
Env::new(
370370
arguments,
371371
utils::time::get_time_us(utils::time::ClockType::Monotonic),
372-
utils::time::get_time_us(utils::time::ClockType::ProcessCpu),
373372
)
374373
.and_then(|env| {
375374
fs::create_dir_all(env.chroot_dir())

src/vmm/src/logger/metrics.rs

+7-9
Original file line numberDiff line numberDiff line change
@@ -333,15 +333,13 @@ impl ProcessTimeReporter {
333333

334334
/// Obtain process CPU start time in microseconds.
335335
pub fn report_cpu_start_time(&self) {
336-
if let Some(cpu_start_time) = self.start_time_cpu_us {
337-
let delta_us = utils::time::get_time_us(utils::time::ClockType::ProcessCpu)
338-
- cpu_start_time
339-
+ self.parent_cpu_time_us.unwrap_or_default();
340-
METRICS
341-
.api_server
342-
.process_startup_time_cpu_us
343-
.store(delta_us);
344-
}
336+
let delta_us = utils::time::get_time_us(utils::time::ClockType::ProcessCpu)
337+
- self.start_time_cpu_us.unwrap_or_default()
338+
+ self.parent_cpu_time_us.unwrap_or_default();
339+
METRICS
340+
.api_server
341+
.process_startup_time_cpu_us
342+
.store(delta_us);
345343
}
346344
}
347345

0 commit comments

Comments
 (0)