Trigger repository-scoped cgroups on startup - v2
Another attempt at !7094 (merged)
Cgroups managed by Gitaly are nested under a subdirectory of the cgroups
mountpoint, configurable by the user as the hierarchy_root
option. See
https://docs.gitlab.com/ee/administration/gitaly/configure_gitaly.html#configure-repository-cgroups-new-method
for more information.
hierarchy_root
is expected to exist on the system before Gitaly is
started; the administrator is expected to create this subdirectory and
chown the appropriate files within the directory to the git
user.
While this is fairly simple with a VM setup, it gets more complicated when Gitaly is deployed in a Kubernetes cluster. There will be more risk that permissions aren't configured correctly when the cgroups mountpoint is mounted into the container.
To catch these issues early, we should create a repository-scoped cgroup
when the cgroups manager is initialised. This would validate the end-to-
end configuration and ensure we don't fail with an opaque error when we
later try to execute a git
process.
Modify Setup() to create a repository-scoped cgroup with a repository ID
of 0. This triggers the creation of the repos-0
subdirectory under
hierarchy_root
but does not add a process. Creating this subdirectory
is sufficient in testing permissions