pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / doc / manual / administration / control-groups.xml
at 18.09-beta 3.1 kB view raw
1<chapter xmlns="http://docbook.org/ns/docbook" 2 xmlns:xlink="http://www.w3.org/1999/xlink" 3 xmlns:xi="http://www.w3.org/2001/XInclude" 4 version="5.0" 5 xml:id="sec-cgroups"> 6 <title>Control Groups</title> 7 <para> 8 To keep track of the processes in a running system, systemd uses 9 <emphasis>control groups</emphasis> (cgroups). A control group is a set of 10 processes used to allocate resources such as CPU, memory or I/O bandwidth. 11 There can be multiple control group hierarchies, allowing each kind of 12 resource to be managed independently. 13 </para> 14 <para> 15 The command <command>systemd-cgls</command> lists all control groups in the 16 <literal>systemd</literal> hierarchy, which is what systemd uses to keep 17 track of the processes belonging to each service or user session: 18<screen> 19$ systemd-cgls 20├─user 21│ └─eelco 22│ └─c1 23│ ├─ 2567 -:0 24│ ├─ 2682 kdeinit4: kdeinit4 Running... 25│ ├─ <replaceable>...</replaceable> 26│ └─10851 sh -c less -R 27└─system 28 ├─httpd.service 29 │ ├─2444 httpd -f /nix/store/3pyacby5cpr55a03qwbnndizpciwq161-httpd.conf -DNO_DETACH 30 │ └─<replaceable>...</replaceable> 31 ├─dhcpcd.service 32 │ └─2376 dhcpcd --config /nix/store/f8dif8dsi2yaa70n03xir8r653776ka6-dhcpcd.conf 33 └─ <replaceable>...</replaceable> 34</screen> 35 Similarly, <command>systemd-cgls cpu</command> shows the cgroups in the CPU 36 hierarchy, which allows per-cgroup CPU scheduling priorities. By default, 37 every systemd service gets its own CPU cgroup, while all user sessions are in 38 the top-level CPU cgroup. This ensures, for instance, that a thousand 39 run-away processes in the <literal>httpd.service</literal> cgroup cannot 40 starve the CPU for one process in the <literal>postgresql.service</literal> 41 cgroup. (By contrast, it they were in the same cgroup, then the PostgreSQL 42 process would get 1/1001 of the cgroup’s CPU time.) You can limit a 43 service’s CPU share in <filename>configuration.nix</filename>: 44<programlisting> 45<link linkend="opt-systemd.services._name_.serviceConfig">systemd.services.httpd.serviceConfig</link>.CPUShares = 512; 46</programlisting> 47 By default, every cgroup has 1024 CPU shares, so this will halve the CPU 48 allocation of the <literal>httpd.service</literal> cgroup. 49 </para> 50 <para> 51 There also is a <literal>memory</literal> hierarchy that controls memory 52 allocation limits; by default, all processes are in the top-level cgroup, so 53 any service or session can exhaust all available memory. Per-cgroup memory 54 limits can be specified in <filename>configuration.nix</filename>; for 55 instance, to limit <literal>httpd.service</literal> to 512 MiB of RAM 56 (excluding swap): 57<programlisting> 58<link linkend="opt-systemd.services._name_.serviceConfig">systemd.services.httpd.serviceConfig</link>.MemoryLimit = "512M"; 59</programlisting> 60 </para> 61 <para> 62 The command <command>systemd-cgtop</command> shows a continuously updated 63 list of all cgroups with their CPU and memory usage. 64 </para> 65</chapter>