By Matthias G. Eckermann and Bill Tobey, Novell Connection Magazine – September 2010
Here’s an excerpt:
When Linux servers under perform—particularly multi-purpose systems running multiple applications for multiple user groups—the root cause is frequently resource monopolization by one or more processes or users. Wouldn’t it be wonderful if you could set and enforce some ground rules to govern how much CPU, memory, disk I/O or network I/O each process or user could command?
Well you can! Control groups (cgroups) are a feature of the Linux kernel that provide mechanisms for partitioning sets of tasks into one or many hierarchical groups, and associating each group with a set of subsystem resource parameters that affect their execution performance. You might use control groups:
- To keep a Web server from using all the memory on a system that’s also running a data base
- To keep a backup system from using too much network I/O bandwidth and crashing the business apps running on the same system
- To allocate system resources among user groups of different priority (the faculty, staff and students of a university, for instance)
There are two types of control group subsystems. Isolation and special controls subsystems include five different controls: CPUset, Namespace, Freezer, Device and Checkpoint and Restart. Resource subsystems are a group of four controls: CPU, Memory, Disk and Network. Before we investigate the functions of each subsystem, it’s important to note that all are implemented in exactly the same manner, by mounting one or more subsystems as virtual file systems.
Subsystems can be mounted individually—in this case, the CPUset subsystem—as follows:
- mount -t cgroup -o cpuset none /cpuset
Or, all cgroup subsystems can be mounted at ounce:
- mount -t cgroup none / cgroup
When Linux servers under perform, the root cause is frequently resource monopolization by one or more processes or users.