On Fri, Jan 31, 2014 at 08:27:29AM -0500, Daniel J Walsh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/30/2014 07:09 PM, Zbigniew Jędrzejewski-Szmek wrote: > > On Thu, Jan 30, 2014 at 04:29:14PM -0500, Dan Walsh wrote: > >> If I want to run a container as a service, it would be nice if it used > >> the service cgroup configuration > > Your patch will break the integration with machienctl, etc. Would instead > > assigning the slice with --slice be enough? > > > > Zbyszek > > > My goal is if I run systemd-nspawn within a systemd unit file, perhaps as a > plugin to docker, I want to allow the system administrator to just add > > MemoryLimit=500m You can set the limit on the service, or on the slice.
On the service: # /etc/systemd/system/systemd-nspawn@<container>.d/limits.conf [Service] MemoryLimit=500M On the slice: # /etc/systemd/system/systemd-nspawn@<container>.d/slice.conf [Service] Slice=system-<container>.slice # /etc/systemd/system/system-<container>.slice # (note that the path here makes this slice part of /system not /machine [Slice] MemoryLimit=500M You can alternatively specify the slice with --slice argument to nspawn. Zbyszek _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
