Control groups (strong>cgroups) enable you to allocate computing resources to specific processes or tasks. You can assign a set of CPU and memory to a specific group of tasks or even to a specific user. The post here details out the steps to allocate a defined memory resource to a specific use. Ulimit won’t be able to achieve this goal as ulimit limits user memory consumption per process. The best possible option is to use cgroups. With cgroups users can be limited not only to meomry resources but as well CPU/IO. Let’s see an example to limit the memory used by user “john” to 100mb.
Limiting the memory for a specific user
1. Edit the cgroups configuration file /etc/cgconfig.conf and add the below lines
# vi /etc/cgconfig.conf group memlimit { memory { memory.limit_in_bytes = 104857600; #### limit memory to 100MB } }
Above peice of code will create cgroup called memlimit where limit is 100mb.
2. Now edit another file /etc/cgrules.conf and add below line:
# vi /etc/cgrules.conf john memory memlimit
This will tell cgroups that user john will be added to memlimit cgroup and will be able to take only 100mb from the system.
3. Once you are done with editing the configuration files, restart the services cgred and cgconfig.
# service cgred restart # service cgconfig restart
cgred (control group rules engine daemon) service – used to moves tasks into cgroups according to parameters set in the /etc/cgrules.conf file.
4. Enable both the services to start on system boot. With this we make sure the configuration files /etc/cgconfig.conf and /etc/cgrules.conf are readt at boot time and cgroups are created.
# chkconfig cgred on # chkconfig cgconfig on