How can I set negative niceness of a docker process?

Question

I have a testenvironment for code in a docker image which I use by running bash in the container:

me@host$ docker run -ti myimage bash

Inside the container, I launch a program normally by saying

root@docker# ./myprogram

However, I want the process of myprogram to have a negative niceness (there are valid reasons for this). However:

root@docker# nice -n -7 ./myprogram
nice: cannot set niceness: Permission denied

Given that docker is run by the docker daemon which runs as root and I am root inside the container, why doesn't this work and how can force a negative niceness?

Note: The docker image is running debian/sid and the host is ubuntu/12.04.

score 6 · Accepted Answer · edited Oct 08 '18 at 12:34

6

Try adding

--privileged=true

to your run command.

[edit] privileged=true is the old method. Looks like

--cap-add=SYS_NICE

Should work as well.

edited Oct 08 '18 at 12:34

allprog

16,540
9
56
97

answered Sep 25 '14 at 19:11

user2105103

11,599
2
18
11

`--privileged=true` works like charm (it would appear my docker version is not bleeding edge). Thank you. – bitmask Sep 25 '14 at 21:03
2

On my system, I got `docker: Error response from daemon: linux spec capabilities: Unknown capability to add: "CAP_CAP_SYS_NICE".` Using `--cap-add=SYS_NICE` worked. – Dave Yarwood Aug 18 '17 at 17:36

score 1 · Answer 2 · answered Sep 26 '14 at 23:13

You could also set the CPU priority of the whole container with -c for CPU shares.

Docker docs: http://docs.docker.com/reference/run/#runtime-constraints-on-cpu-and-memory
CGroups/cpu.shares docs: https://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt

How can I set negative niceness of a docker process?

2 Answers2