From 969cea683615e79c7e6548f945f15af80ad58a8a Mon Sep 17 00:00:00 2001
From: Sam Lockart <sam@samlockart.com>
Date: Sat, 24 Jun 2023 03:11:26 +0000
Subject: [PATCH] file-systems: Use cgroups v2.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

cgroup v2 is the next generation of the control groups API.  This patch
replaces the cgroup v1 file systems with the unified cgroup v2 file
system.

cgroup v2 allows for things like containerd/podman to run rootless
containers and opens guix system up to running things like Kubernetes.

Thanks to Hilton Chain <hako@ultrarare.space> for suggesting the Docker
service change.

* gnu/system/file-systems.scm (%control-groups): Change to a single
"cgroup2" mount point.
* gnu/services/docker.scm (docker-shepherd-service): Trim 'requirement'
field accordingly.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
---
 gnu/services/docker.scm     |  7 +------
 gnu/system/file-systems.scm | 27 +++++++--------------------
 2 files changed, 8 insertions(+), 26 deletions(-)

diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm
index 741bab5a8c..c2023d618c 100644
--- a/gnu/services/docker.scm
+++ b/gnu/services/docker.scm
@@ -116,12 +116,7 @@ loop-back communications.")
            (requirement '(containerd
                           dbus-system
                           elogind
-                          file-system-/sys/fs/cgroup/blkio
-                          file-system-/sys/fs/cgroup/cpu
-                          file-system-/sys/fs/cgroup/cpuset
-                          file-system-/sys/fs/cgroup/devices
-                          file-system-/sys/fs/cgroup/memory
-                          file-system-/sys/fs/cgroup/pids
+                          file-system-/sys/fs/cgroup
                           networking
                           udev))
            (start #~(make-forkexec-constructor
diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm
index 0ff5a0dcf6..95b757a698 100644
--- a/gnu/system/file-systems.scm
+++ b/gnu/system/file-systems.scm
@@ -445,26 +445,13 @@ TARGET in the other system."
     (flags '(read-only bind-mount no-atime))))
 
 (define %control-groups
-  (let ((parent (file-system
-                  (device "cgroup")
-                  (mount-point "/sys/fs/cgroup")
-                  (type "tmpfs")
-                  (check? #f))))
-    (cons parent
-          (map (lambda (subsystem)
-                 (file-system
-                   (device "cgroup")
-                   (mount-point (string-append "/sys/fs/cgroup/" subsystem))
-                   (type "cgroup")
-                   (check? #f)
-                   (options subsystem)
-                   (create-mount-point? #t)
-
-                   ;; This must be mounted after, and unmounted before the
-                   ;; parent directory.
-                   (dependencies (list parent))))
-               '("cpuset" "cpu" "cpuacct" "memory" "devices" "freezer"
-                 "blkio" "perf_event" "pids")))))
+  ;; The cgroup2 file system.
+  (list (file-system
+          (device "none")
+	  (mount-point "/sys/fs/cgroup")
+	  (type "cgroup2")
+	  (check? #f)
+	  (create-mount-point? #f))))
 
 (define %elogind-file-systems
   ;; We don't use systemd, but these file systems are needed for elogind,