On 2019-06-18 11:59, Stéphane Graber wrote:
So we have plans to introduce project quotas which will allow placing
such restrictions in a clean way through LXD.
Until then you can manually tweak /sys/fs/cgroup/memory/lxc or
/sys/fs/cgroup/memory/lxc.payload (depending on version of liblxc) as
all containers reside under there and limits are hierarchical.
It's pretty similar to what systemd would attempt to do except that
liblxc/lxd bypass systemd's expected cgroup so placing the limit
through
systemd wouldn't work.
I was just going to test systemd - because systemd-cgls shows these:
1) this is just the monitor process, so setting any limits on it won't
have the desired effect:
├─lxc.monitor
│ ├─shard01d
│ │ └─26025 [lxc monitor] /var/snap/lxd/common/lxd/containers shard01d
│ └─uni01-2019-06-18-01-09-11
│ └─11442 [lxc monitor] /var/snap/lxd/common/lxd/containers
uni01-2019-06-18-01-09-11
2) Container processes seem to be all under lxc.payload tree:
─lxc.payload
│ ├─shard01d
│ │ ├─ 488 /usr/sbin/mysqld --daemonize
--pid-file=/var/run/mysqld/mysqld.pid
│ │ ├─ 1821 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
│ │ ├─ 3158 /lib/systemd/systemd-udevd
│ │ ├─ 3878 /usr/sbin/rsyslogd -n
│ │ ├─ 4592 /sbin/rpcbind -f -w
(...)
│ └─uni01-2019-06-18-01-09-11
│ ├─ 2875 /usr/bin/php cli.php Jiradaemon
│ ├─ 3446 /usr/bin/php cli.php Jiradaemon
│ ├─ 4022 pickup -l -t unix -u -c
│ ├─ 4180 /usr/bin/php cli.php Jiradaemon
(...)
But since there isn't any "lxc.payload" systemd service - then yes, like
you said - I'd need to dive into /sys/fs/cgroup/memory/ for now.
Great to hear project quotas are in the plans!
Tomasz Chmielewski
_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
