2009/8/23 Krzysztof Taraszka <krzysztof.taraszka@xxxxxxxxxxxxxx> > > > 2009/8/23 Daniel Lezcano <daniel.lezcano@xxxxxxx> > >> Krzysztof Taraszka wrote: >> >>> 2009/8/23 Daniel Lezcano <daniel.lezcano@xxxxxxx> >>> >>> Krzysztof Taraszka wrote: >>>> >>>> Hello, >>>>> >>>>> I am running lxc on my debian unstable sandbox and I have a few >>>>> question >>>>> about memory managament inside linux containers based on lxc project. >>>>> >>>>> I have got linux kernel 2.6.30.5 with enabled : >>>>> >>>>> +Resource counter >>>>> ++ Memory Resource Controller for Control Groups >>>>> +++ Memory Resource Controller Swap Extension(EXPERIMENTAL) >>>>> >>>>> lxc-checkconfig pass all checks. >>>>> >>>>> I read about cgroups memory managament >>>>> (Documentation/cgroups/memory.txt) >>>>> and I tried to pass those value to my debian sandbox. >>>>> >>>>> And... >>>>> 'free -m' and 'top/htop' still show all available memory inside >>>>> container >>>>> (also If I set 32M for lxc.cgroup.memory.limit_in_bytes and >>>>> lxc.cgroup.memory.usage_in_bytes; and 64M for >>>>> lxc.cgroup.memory.memsw.usage_in_bytes and >>>>> lxc.cgroup.memory.memsw.limit_in_bytes free and top show all >>>>> resources). >>>>> >>>>> What I did wrong? Does the container always show all available memory >>>>> resources without cgroup limitations? >>>>> >>>>> At the first glance I would say the configuration is correct. >>>> But AFAIR, the memory cgroup is not isolated, if you specify 32MB you >>>> will >>>> see all the memory available on the system either if you are not allowed >>>> to >>>> use more than 32MB. If you create a program which allocates 64MB within >>>> a >>>> container configured with 32MB, and you "touch" the pages (may be that >>>> can >>>> be done with one mmap call with the MAP_POPULATE option), you should see >>>> the >>>> application swapping and the "memory.failcnt" increasing. >>>> >>>> IMHO, showing all the memory available for the system instead of showing >>>> the allowed memory with the cgroup is weird but maybe there is a good >>>> reason >>>> to do that. >>>> >>>> >>>> >>> Thank you Daniel for your reply. >>> I think that LXC should isolate memory available for containers like >>> Vserver >>> or FreeVPS do (memory + swap) if .cgroup.memory.* and >>> lxc.cgroup.memory.memsw.* is set. >>> Is there any possibility to make a patch for linux kernel / lxc-tools to >>> show the limitations inside cointainers propertly? I think is a good idea >>> and it should be apply as soon as possible. >>> >> >> Maybe a solution can be to add a new memory.meminfo file in the same >> format than /proc/meminfo, so it will be possible to mount --bind >> /cgroup/foo/memory.meminfo to /proc/meminfo for the container. >> > > Yes, I thought the same. This should allow the user-space tools based on > /proc/meminfo (such as comand line "free") show limited information :) > Hmmm... does the memory.stat is a good start point for make new one object memory.meminfo similar to /proc/meminfo? If so, I can play by my self with lxc-tools code. -- Krzysztof Taraszka _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
