[lxc-devel] Memory Resources

Krzysztof Taraszka krzysztof.taraszka at gnuhosting.net
Sun Aug 23 11:17:33 PDT 2009

2009/8/23 Daniel Lezcano <daniel.lezcano at free.fr>

> Krzysztof Taraszka wrote:
>> 2009/8/23 Daniel Lezcano <daniel.lezcano at free.fr>
>>  Krzysztof Taraszka wrote:
>>>  Hello,
>>>> I am running lxc on my debian unstable sandbox and I have a few question
>>>> about memory managament inside linux containers based on lxc project.
>>>> I have got linux kernel with enabled :
>>>> +Resource counter
>>>> ++ Memory Resource Controller for Control Groups
>>>>  +++ Memory Resource Controller Swap Extension(EXPERIMENTAL)
>>>> lxc-checkconfig pass all checks.
>>>> I read about cgroups memory managament
>>>> (Documentation/cgroups/memory.txt)
>>>> and I tried to pass those value to my debian sandbox.
>>>> And...
>>>> 'free -m' and 'top/htop' still show all available memory inside
>>>> container
>>>> (also If I set 32M for lxc.cgroup.memory.limit_in_bytes and
>>>> lxc.cgroup.memory.usage_in_bytes; and 64M for
>>>> lxc.cgroup.memory.memsw.usage_in_bytes and
>>>> lxc.cgroup.memory.memsw.limit_in_bytes free and top show all resources).
>>>> What I did wrong? Does the container always show all available memory
>>>> resources  without cgroup limitations?
>>>>  At the first glance I would say the configuration is correct.
>>> But AFAIR, the memory cgroup is not isolated, if you specify 32MB you
>>> will
>>> see all the memory available on the system either if you are not allowed
>>> to
>>> use more than 32MB. If you create a program which allocates 64MB within a
>>> container configured with 32MB, and you "touch" the pages (may be that
>>> can
>>> be done with one mmap call with the MAP_POPULATE option), you should see
>>> the
>>> application swapping and the "memory.failcnt" increasing.
>>> IMHO, showing all the memory available for the system instead of showing
>>> the allowed memory with the cgroup is weird but maybe there is a good
>>> reason
>>> to do that.
>> Thank you Daniel for your reply.
>> I think that LXC should isolate memory available for containers like
>> Vserver
>> or FreeVPS do (memory + swap) if .cgroup.memory.* and
>> lxc.cgroup.memory.memsw.* is set.
>> Is there any possibility to make a patch for linux kernel / lxc-tools to
>> show the limitations inside cointainers propertly? I think is a good idea
>> and it should be apply as soon as possible.
> Maybe a solution can be to add a new memory.meminfo file in the same format
> than /proc/meminfo, so it will be possible to mount --bind
> /cgroup/foo/memory.meminfo to /proc/meminfo for the container.

Yes, I thought the same. This should allow the user-space tools based on
/proc/meminfo (such as comand line "free") show limited information :)

Krzysztof Taraszka

More information about the Containers mailing list