Stack Overflow
Stack Overflow

Questions tagged [cgroups]

cgroups are used to control resource management in kernel. They remain in an hierarchy and a new group can be created just by creating a directory in the appropriate place. Using cgroups, a lot of resource management can be done including memory, cpu etc.

cgroups (abbreviated from control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.

369 questions
0
votes
1 answer

Docker(containers) cgroup/namespace setup vs running Dockerfile commands as root?

From my understanding, docker sets up the required cgroup's and namespace's so containers(i.e container processes) run in isolation (isolated environment on the host system) and have limited permissions and access to the host system. So, even if the…
samshers
  • 1
  • 6
  • 37
  • 84
0
votes
2 answers

Test what cgroup version a Docker container is running with

The title almost says it all: From within a running docker container, how can I find out if it is running with cgroups 1.0 or with cgroups 2.0?
SamTheEagle
  • 63
  • 1
  • 6
0
votes
1 answer

Pods CPU getting Throttled even when CPU usage is less than requested

CPU is getting throttled even when the CPU usage for the container is below request. From what I understand pods are scheduled at nodes where there is sufficient CPU available i.e what is requested. First question here is let's say that this pod…
Devendra Singh khurana
  • 141
  • 2
  • 15
0
votes
0 answers

Delete Openvpn completely

By mistake I installed both server side and client side of Open-vpn and now I want to delete everything related to openvpn-server/client in my pc. I already did. $ sudo apt remove openvpn $ sudo apt purge openvpn $ sudo apt autoremove openvpn But…
HARSHAL RATHORE
  • 103
  • 1
  • 9
0
votes
1 answer

How to limit disks IO of Docker container?

I am working with Docker containers and observed that they tend to generate too much disk IOs. I found the --device-write-bps option which seem to address my need of limiting the disk IOs. However, this option expects a path to a device, but the…
Nicolas B.
  • 476
  • 1
  • 5
  • 9
0
votes
2 answers

How to share a CPU quota among multiple containers?

Assume I have a pod with 3 containers: X, Y, and Z. K8S can set a cpu limit for each container in a pod. However, if I set 1000M CPU limit to each container, then any container cannot use more than 1000M CPU even if the other two are ilde, which is…
xmllmx
  • 39,765
  • 26
  • 162
  • 323
0
votes
0 answers

Cgroup memory usage is different from sum of memory usage of sub cgroups

The memory usage I see here: sudo cat /sys/fs/cgroup/memory/memory.usage_in_bytes is different the from the sum of memory usage of the sub cgroups, which I calculated by getting all the sub cgroups using the following command: sudo ls -dltrh…
Akheel K M
  • 170
  • 1
  • 2
  • 10
0
votes
0 answers

Is there a way to limit Linux processes' absolute resource-spend, the way Ethereum limits transactions using gas?

Let's say I'm building something like AWS Lambda / Cloudflare Workers, where I allow users to submit arbitrary binaries, and then I run them wrapped in sandboxes (e.g. Docker containers / gVisor / etc), packed multitenant-ly onto a fleet of…
tsutsu
  • 63
  • 3
0
votes
1 answer

.Net Apache Ignite Memory cgroup out of memory

Apache Ignite Memory cgroup out of memory I have a separate cache server program,I did a test using the latest version of Apache ignite 2.10. My console program code is as follows: using Apache.Ignite.Core.Binary; using…
CSharp
  • 39
  • 7
0
votes
1 answer

The memory of cgroup rss is much higher than the summary of the memory usage of all processes in the docker container

I hava a Redis runing in a container . Inside the container cgroup rss show using about 1283MB memory. The kmem memory usage is 30.75MB. The summary of the memory usage of all processes in the docker container is 883MB. How can i figure out the …
nobb
  • 11
  • 1
  • 4
0
votes
0 answers

Run a process without actually execing into a container using nsenter

Details I wanted to run a process on a container without actually execing into it. This is because the container might not have all the packages installed to run the commands. Like if I want to run a stress command then I might not found stress in…
UDIT GAURAV
  • 53
  • 2
  • 5
0
votes
1 answer

Can I add the process name to cgroup tasks but not PID?

I need to use the ./cgroup/cpu tool to limit the CPU usage of a particular process. At present, I have achieved this, but every time I have to start the process first, then get the PID of the process, and then write the PID to the tasks…
ZH.sd
  • 83
  • 1
  • 9
0
votes
3 answers

Writing the current proces pid to cgroups.procs fails with permission denied error

I am trying to write a pid to a manually created cgroup but I am unable to do so. While writing, I am getting the following error: open /sys/fs/cgroup/pids/scratch-container-cgroup0049cba7-8f9e-42ec-9646-9b1babbfebc3/cgroups.procs: permission…
manugupt1
  • 2,337
  • 6
  • 31
  • 39
0
votes
1 answer

Rootless Podman with systemd in ubi8 Container on RHEL8 not working

We are trying to run a Container from ubi8-init Image as non root user under RHEL8 with podman. We enabled cgroups 2 globally by adding kernel parameters and checked versioins: cgroup_no_v1=all systemd.unified_cgroup_hierarchy=1 $ podman -v podman…
CozyBob
  • 43
  • 2
  • 9
0
votes
1 answer

Java (prior to JDK8 update 131) applications running in docker container CPU / Memory issues?

JVM's (JDK 8 before Update 131) running in docker containers were ignoring the CGroup limitations set by the container environment. And, they were querying for host resources and not what was allocated to the container. The result is catastrophic…
user14305942
1 2 3
24 25