[lxc-devel] Memory Resources

Krzysztof Taraszka krzysztof.taraszka at gnuhosting.net
Sun Aug 23 11:38:57 PDT 2009

2009/8/23 Krzysztof Taraszka <krzysztof.taraszka at gnuhosting.net>

> 2009/8/23 Daniel Lezcano <daniel.lezcano at free.fr>
>> Krzysztof Taraszka wrote:
>>> 2009/8/23 Daniel Lezcano <daniel.lezcano at free.fr>
>>>  Krzysztof Taraszka wrote:
>>>>  Hello,
>>>>> I am running lxc on my debian unstable sandbox and I have a few
>>>>> question
>>>>> about memory managament inside linux containers based on lxc project.
>>>>> I have got linux kernel with enabled :
>>>>> +Resource counter
>>>>> ++ Memory Resource Controller for Control Groups
>>>>>  +++ Memory Resource Controller Swap Extension(EXPERIMENTAL)
>>>>> lxc-checkconfig pass all checks.
>>>>> I read about cgroups memory managament
>>>>> (Documentation/cgroups/memory.txt)
>>>>> and I tried to pass those value to my debian sandbox.
>>>>> And...
>>>>> 'free -m' and 'top/htop' still show all available memory inside
>>>>> container
>>>>> (also If I set 32M for lxc.cgroup.memory.limit_in_bytes and
>>>>> lxc.cgroup.memory.usage_in_bytes; and 64M for
>>>>> lxc.cgroup.memory.memsw.usage_in_bytes and
>>>>> lxc.cgroup.memory.memsw.limit_in_bytes free and top show all
>>>>> resources).
>>>>> What I did wrong? Does the container always show all available memory
>>>>> resources  without cgroup limitations?
>>>>>  At the first glance I would say the configuration is correct.
>>>> But AFAIR, the memory cgroup is not isolated, if you specify 32MB you
>>>> will
>>>> see all the memory available on the system either if you are not allowed
>>>> to
>>>> use more than 32MB. If you create a program which allocates 64MB within
>>>> a
>>>> container configured with 32MB, and you "touch" the pages (may be that
>>>> can
>>>> be done with one mmap call with the MAP_POPULATE option), you should see
>>>> the
>>>> application swapping and the "memory.failcnt" increasing.
>>>> IMHO, showing all the memory available for the system instead of showing
>>>> the allowed memory with the cgroup is weird but maybe there is a good
>>>> reason
>>>> to do that.
>>> Thank you Daniel for your reply.
>>> I think that LXC should isolate memory available for containers like
>>> Vserver
>>> or FreeVPS do (memory + swap) if .cgroup.memory.* and
>>> lxc.cgroup.memory.memsw.* is set.
>>> Is there any possibility to make a patch for linux kernel / lxc-tools to
>>> show the limitations inside cointainers propertly? I think is a good idea
>>> and it should be apply as soon as possible.
>> Maybe a solution can be to add a new memory.meminfo file in the same
>> format than /proc/meminfo, so it will be possible to mount --bind
>> /cgroup/foo/memory.meminfo to /proc/meminfo for the container.
> Yes, I thought the same. This should allow the user-space tools based on
> /proc/meminfo (such as comand line "free") show limited information :)

Hmmm... does the memory.stat is a good start point for make new one object
memory.meminfo similar to /proc/meminfo? If so, I can play by my self with
lxc-tools code.

Krzysztof Taraszka

More information about the Containers mailing list