From mboxrd@z Thu Jan 1 00:00:00 1970 From: Daniel Lezcano Subject: Re: [lxc-devel] Memory Resources Date: Sun, 23 Aug 2009 20:00:18 +0200 Message-ID: <4A9183B2.7090005@free.fr> References: <4A916BC9.8040905@free.fr> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: kt-S89nZTSLPHGGdvJs77BJ7Q@public.gmane.org Cc: Linux Containers , lxc-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org List-Id: containers.vger.kernel.org Krzysztof Taraszka wrote: > 2009/8/23 Daniel Lezcano > >> Krzysztof Taraszka wrote: >> >>> Hello, >>> >>> I am running lxc on my debian unstable sandbox and I have a few question >>> about memory managament inside linux containers based on lxc project. >>> >>> I have got linux kernel 2.6.30.5 with enabled : >>> >>> +Resource counter >>> ++ Memory Resource Controller for Control Groups >>> +++ Memory Resource Controller Swap Extension(EXPERIMENTAL) >>> >>> lxc-checkconfig pass all checks. >>> >>> I read about cgroups memory managament (Documentation/cgroups/memory.txt) >>> and I tried to pass those value to my debian sandbox. >>> >>> And... >>> 'free -m' and 'top/htop' still show all available memory inside container >>> (also If I set 32M for lxc.cgroup.memory.limit_in_bytes and >>> lxc.cgroup.memory.usage_in_bytes; and 64M for >>> lxc.cgroup.memory.memsw.usage_in_bytes and >>> lxc.cgroup.memory.memsw.limit_in_bytes free and top show all resources). >>> >>> What I did wrong? Does the container always show all available memory >>> resources without cgroup limitations? >>> >> At the first glance I would say the configuration is correct. >> But AFAIR, the memory cgroup is not isolated, if you specify 32MB you will >> see all the memory available on the system either if you are not allowed to >> use more than 32MB. If you create a program which allocates 64MB within a >> container configured with 32MB, and you "touch" the pages (may be that can >> be done with one mmap call with the MAP_POPULATE option), you should see the >> application swapping and the "memory.failcnt" increasing. >> >> IMHO, showing all the memory available for the system instead of showing >> the allowed memory with the cgroup is weird but maybe there is a good reason >> to do that. >> >> > > Thank you Daniel for your reply. > I think that LXC should isolate memory available for containers like Vserver > or FreeVPS do (memory + swap) if .cgroup.memory.* and > lxc.cgroup.memory.memsw.* is set. > Is there any possibility to make a patch for linux kernel / lxc-tools to > show the limitations inside cointainers propertly? I think is a good idea > and it should be apply as soon as possible. Maybe a solution can be to add a new memory.meminfo file in the same format than /proc/meminfo, so it will be possible to mount --bind /cgroup/foo/memory.meminfo to /proc/meminfo for the container.