How I read the cgroups manual.

1. How I read the cgroups manual.

1.1. Literature

Total 160 pages.

1.1.1. man 8 cgroups

1.1.2. https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html

Not the last version, but I already lost the filename. From some kernel file October 2015, Tejun Heo

1.2. Which packages are responsible for cgroups in Slackware?

1.2.1. sysvinit-scripts-2.1-noarch-26:28:etc/rc.d/rc.S

Mounts the v1 filesystem and starts the services.

1.2.2. cgmanager-0.42-x86_64-1

Is used mostly for proxying control groups to containers.

1.2.3. libcgroup-0.41-x86_64-5

Has an actual daemon to manage control groups.

1.5. Basic logic for the resource usage restriction

  1. I want nasty guys to never occupy more than 75% of the cpu.

    echo 10000 > /sys/fs/cgroup/cpu/firefox/cpu.cfs_period_us echo 30000 > /sys/fs/cgroup/cpu/firefox/cpu.cfs_quota

    1. Should I even want to launch every firefox window as a separate group?

      Because when Firefox eats all the CPU, it seems to be doing so with all processes.

  2. I want to make nasty guys never have more than memsize/2 of memory.

    /sys/fs/cgroup/memory/firefox/memory.limit_in_bytes

  3. I want GUI subsystem apps to never swap and always have at least 10% cpu and at least 1Gb of RAM.

    The GUI subsystem apps are: Xorg xfdesktop xfwm4 xfce4-* Thunar* /usr/lib64/xfce4* /usr/libexec/* xscreensaver scim

    cpu is set by: echo 128 > /sys/fs/cgroup/cpu/gui/cpu.shares

    No swap option is set by: echo 0 > /sys/fs/cgroup/gui/memory.swappiness

    Using controllers v1, it seems that it’s not possible to set the ’guaranteed’ amount of RAM.

  4. I want mission-critical apps to have at least 1Gb of memory and have at least 25% cpu

    Mission-critical apps are: /sbin/* /usr/sbin/* /usr/local/sbin/* Anything that UID1 runs. $(cat /etc/shells) SCREEN /usr/bin/dbus-daemon /bin/su /bin/sulogin

    cpu is set by: echo 256 > /sys/fs/cgroup/cpu/system/cpu.shares

    memory: I don’t know how to give a minimal memory guarantee to an app using v1 controllers.

  5. I want to always have at least $MEMSIZE of swap free (for hibernation)
    1. I need to add ’swapaccount=1’ to boot/efi
    2. I need to set the memory limit in the root group:

      sys/fs/cgroup/memory/memory.memsw.limit_in_bytes Needs to have the value of swap size. command: free -b | awk ’/Swap {print $3}’

      I need to add it to cgrules.conf, right?

  6. I want any process to never occupy more than 90% of the cpu time

    CONFIG_CFS_BANDWIDTH, cpu controller Seems weird, as if I have to make a group for every process out there.

    echo 100000 > /sys/fs/cgroup/cpu/cpu.cfs_period_us echo 360000 > /sys/fs/cgroup/cpu/cpu.cfs_quota

  7. I want to use the Lennart’s “bash grouping trick”
    1. /sbin/lwf_rc.auto_cpu_cgroup_remover

      #!/bin/sh

      cgdelete -g cpu:“$*” fi #if [ “$*” != “/user” ]; then

      #fi

    2. /etc/rc.d/rc.lwf_lennarts_bash_trick

      #!/bin/sh . /etc/rc.d/init.d/functions

      start() { echo -n $“Setting the cpu cgroup release agent: ” echo “/sbin/rc.auto_cpu_cgroup_remover” > /sys/fs/cgroup/cpu/release_agent

      for username in $(awk -F: ’$3 >= 1000 && $1 != “nobody” {print $1}’ /etc/passwd); do

      cgcreate -g cpu:/$username/private -t $username:users -a $username:users –dperm=755 –tperm=755 –fperm=755 done echo I also need to add a dynamic rule to the cgred service… TODO chmod +x /etc/profile.d/00lwf_bash_group.sh chmod +x /etc/profile.d/00lwf_bash_group.csh return $? } stop() { echo -n $“Clearing the cpu cgroup release agent: ” echo “” > /sys/fs/cgroup/cpu/release_agent chmod -x /etc/profile.d/00lwf_bash_group.sh chmod -x /etc/profile.d/00lwf_bash_group.csh echo -n $“Clearing user groups.” for dirname in $(find . -type d -not -path ’.’ -not -path ’..’ -printf “%f ”); do cgdelete -r -g cpu:/users/private done return $? } status() { echo $“Release agent: ” cat -t /sys/fs/cgroup/cpu/release_agent echo $“Profile status:” file=/etc/profile.d/00lwf_bash_group.sh for file in {“/etc/profile.d/00lwf_bash_group.sh”,“/etc/profile.d/00lwf_bash_group.sh”} ; do if ( -x “$file” ) then echo “File ‘$file’ is executable” else echo “File ‘$file’ is not executable or found” endif done return $? } case "\(1" in start) start RETVAL=\)? ;; stop) stop RETVAL=\(? ;; status) status RETVAL=\)? ;; restart) stop start RETVAL=$? ;;

      *) echo $“Usage: $0 {start|stop|status}” RETVAL=2 ;; esac

      exit $RETVAL

    3. Add rc.lwf_set_auto_cpu_cgroup_remover to /etc/rc.d/rc3.d and rc4.d

      Add these lines to the doinst.sh ln -s /etc/rc.d/rc.lwf_lennarts_bash_trick /etc/rc.d/rc3.d/S00cpu_cgroup_remover ln -s /etc/rc.d/rc.lwf_lennarts_bash_trick /etc/rc.d/rc4.d/S00cpu_cgroup_remover

    4. /etc/profile.d/00lwf_bash_group.sh

      if [ “$PS1” ] ; then #mkdir -m 0700 /sys/fs/cgroup/cpu/user/\[ agroupname=/users/$(whoami)/private/\] cgcreate -g $agroupname echo $$ > $agroupname/tasks fi

    5. /etc/profile.d/00lwf_bash_group.csh

      /bin/echo “I have no idea how to implement this in C-shell.”

  8. I want some more latency tricks.

    I’m not sure about the next line: Is one millisecond a lot or not? echo 1000000 > /proc/sys/kernel/sched_min_granularity_ns

1.8. I do use the dlack’s PAM packages

So I can just as well cofigure PAM to juggle groups But I will defer this till version 2.