[libvirt] necessary to limit container's network bandwidth when use physical nic in container?
Eric W. Biederman
ebiederm at xmission.com
Tue Oct 16 02:33:33 UTC 2012
Gao feng <gaofeng at cn.fujitsu.com> writes:
> 于 2012年10月15日 16:52, Michal Privoznik 写道:
>> On 15.10.2012 10:35, Gao feng wrote:
>>> we can use tc to limit container's network bandwidth when the container uses veth device.
>>> because one of the veth devices will be seen in the host.so we can set tc rules on this
>>> device on the host.
>>> I want to know if it's necessary to limit container's network bandwidth when the container
>>> uses a physical nic device. because this nic device is only used by this container.
>>> And if this is necessary,Be there any good idea?
>> Well, that depends. If you expect you guest to consume all bandwidth
>> then you need to set a floor on root eth. Guest is then still able to
>> use the full bandwidth, however if there are some packets for the host
>> those get prioritized. In general, it's a good idea, but to tell for
>> sure one should learn more about your usage scenario.
> But we can't see container's nic device in host,how can we set a floor on
> container's root eth?
I can't see how any qos shaping of a physical nic directly assigned to a
container is useful. You may want to limit the total cpu time assigned
to a container which should throttle your network connections. But I
don't see what limiting the number of packets that go out an interface
More information about the Containers