On Tue, Feb 11, 2025 at 04:55:33AM +0000, Roman Gushchin wrote: [...] > > Maybe I'm missing something, but somehow it wasn't a problem for many years. > Nothing really changed here. > > So maybe someone can come up with a better explanation of a specific problem > we're trying to solve here? The most simple explanation is visibility. Workloads that used to run solo are being moved to a multi-tenant but non-overcommited environment and they need to know their capacity which they used to get from system metrics. Now they have to get from cgroup limit files but usage of cgroup namespace limits those workloads to extract the needed information.
