RFR: 8226575: OperatingSystemMXBean should be made container aware

Wed Dec 4 05:40:32 UTC 2019

Resending with the corrected subject. "RFR" was somehow stripped from it and that  breaks the sorting by subject...

Hi Mandy,

Thank you for your comments, please find my answers below.

>> src/java.base/linux/classes/jdk/internal/platform/cgroupv1/Metrics.java
>>   this should wrap the security-sensitive operations with doPrivileged.  jdk.management is trusted and it has all permissions.

I will include this change in the next webrev, thank you.

>> src/jdk.management/linux/native/libmanagement_ext/UnixOperatingSystem.c
>>    Formatting nit:  line 346-355: JDK native source uses 4-space identation convention.  A space is missing between "if" and "(".
I will correct this, thanks.

>>Under what circumstance that limit or memLimit is < 0?   
The memory limit metrics is not available if JVM runs on Linux host ( not in a docker container) or if a docker container was started without
specifying a memory limit ( without '--memory='  Docker option) . In latter there is no limit on how much memory the container can use and
it can use as much memory as the host's OS allows.

>> Is it worth  specifying this case?
I believe yes, since it covers the cases when JVM runs  on a Linux host or a docker container was started without memory limitation.

>> It fallbacks to return the system's total swap space size - this is not really what it should report.   
For the case when JVM runs on a Linux host it is exactly what we want. The only problematic case is if JVM runs inside a docker container without a memory limit set.
However, I am not sure how we could differentiate these 2 cases.

>> Similarly, getFreeMemorySize and getTotalMemorySize and getCpuLoad.   
For  getTotalMemorySize I think we are good here. If limit is not set then all memory the host's OS have is available.
For getFreeMemorySize the problematic case is if is the memory limit is set but the memory usage for some reason is not available (containerMetrics.getMemoryUsage() returns 0).
Probably in this case we should just return -1 as currently getFreePhysicalMemorySize0() does if it cannot retrieve a valid result.

For getCpuLoad() the problematic case if CPU quotas are active but CpuPeriod,  CpuNumPeriods , or getCpuUsage are unavailable or if a valid  CPU load for some CPU was
not retrieved, or if all retrieved CPU load values happen to be zeros. Probably we should just  return -1 in these cases rather then falling back to getSystemCpuLoad0()

>>src/jdk.management/windows/classes/com/sun/management/internal/OperatingSystemImpl.java
>>    There is no strong need to make the deprecated methods as default methods.  If they were default methods, they only need to be implemented once as opposed to in all OS-specific implementations.
I could make these methods defaults if you feel it is a better approach here.

>>CheckOperatingSystemMXBean.java
>>     System.out.println(String.format(...)) can simply be replaced with System.out.format.
I will include this change in the next webrev, thank you!

Best regards,
Daniil

    From: Mandy Chung <mandy.chung at oracle.com>
    Date: Tuesday, December 3, 2019 at 4:10 PM
    To: Daniil Titov <daniil.x.titov at oracle.com>
    Cc: OpenJDK Serviceability <serviceability-dev at openjdk.java.net>, "jmx-dev at openjdk.java.net" <jmx-dev at openjdk.java.net>, Bob Vandette <bob.vandette at oracle.com>
    Subject: Re: RFR: 8226575: OperatingSystemMXBean should be made container aware

    On 12/3/19 11:42 AM, Daniil Titov wrote:
    Please review the change that makes OperatingSystemMXBean methods return container specific informationrather than the host based data.

    The webrev also takes into account the case when java.security.AccessControlException exception is thrown
    during the initialization of the container subsystem ( e.g.  when java.policy doesn’t grant "read" access to "/proc/self/mountinfo" file).

    Instead of failing to access /proc/self/mountinfo, I expect this to wrap the call with doPrivileged so that it can report the metrics independent of the security policy.  The jdk default security policy should grant proper permission to do so.

    CSR for the spec changes [3] is approved.

    Testing: Mach5 tiers1, tiers2, tiers3, tier4, tier5 (including open/test/hotspot/jtreg/containers/docker),  and tier6 tests passed .

    [1] Webrev:  http://cr.openjdk.java.net/~dtitov/8226575/webrev.02/ 
    [2] Jira issue :https://bugs.openjdk.java.net/browse/JDK-8226575 
    [3] CSR https://bugs.openjdk.java.net/browse/JDK-8228428 

    src/java.base/linux/classes/jdk/internal/platform/cgroupv1/Metrics.java
        this should wrap the security-sensitive operations with doPrivileged.  jdk.management is trusted and it has all permissions.

    src/jdk.management/linux/native/libmanagement_ext/UnixOperatingSystem.c
        Formatting nit:  line 346-355: JDK native source uses 4-space identation convention.  A space is missing between "if" and "(".

    src/jdk.management/unix/classes/com/sun/management/internal/OperatingSystemImpl.java
      59             if (limit >= 0 && memLimit >= 0) {
      60                 return limit - memLimit;
      61             }

    Under what circumstance that limit or memLimit is < 0?   It fallbacks to return the system's total swap space size - this is not really what it should report.   Is it worth  specifying this case? Similarly, getFreeMemorySize and getTotalMemorySize and getCpuLoad.   

    getFreeSwapSpaceSize retry for a few times.  What special about this method but not others like getFreeMemorySize?

    src/jdk.management/windows/classes/com/sun/management/internal/OperatingSystemImpl.java
         There is no strong need to make the deprecated methods as default methods.  If they were default methods, they only need to be implemented once as opposed to in all OS-specific implementations.

    CheckOperatingSystemMXBean.java
         System.out.println(String.format(...)) can simply be replaced with System.out.format.

    Mandy