Lines Matching +full:protection +full:- +full:domain
1 .. _cgroup-v2:
11 conventions of cgroup v2. It describes all userland-visible aspects
14 v1 is available under :ref:`Documentation/admin-guide/cgroup-v1/index.rst <cgroup-v1>`.
19 1-1. Terminology
20 1-2. What is cgroup?
22 2-1. Mounting
23 2-2. Organizing Processes and Threads
24 2-2-1. Processes
25 2-2-2. Threads
26 2-3. [Un]populated Notification
27 2-4. Controlling Controllers
28 2-4-1. Enabling and Disabling
29 2-4-2. Top-down Constraint
30 2-4-3. No Internal Process Constraint
31 2-5. Delegation
32 2-5-1. Model of Delegation
33 2-5-2. Delegation Containment
34 2-6. Guidelines
35 2-6-1. Organize Once and Control
36 2-6-2. Avoid Name Collisions
38 3-1. Weights
39 3-2. Limits
40 3-3. Protections
41 3-4. Allocations
43 4-1. Format
44 4-2. Conventions
45 4-3. Core Interface Files
47 5-1. CPU
48 5-1-1. CPU Interface Files
49 5-2. Memory
50 5-2-1. Memory Interface Files
51 5-2-2. Usage Guidelines
52 5-2-3. Memory Ownership
53 5-3. IO
54 5-3-1. IO Interface Files
55 5-3-2. Writeback
56 5-3-3. IO Latency
57 5-3-3-1. How IO Latency Throttling Works
58 5-3-3-2. IO Latency Interface Files
59 5-3-4. IO Priority
60 5-4. PID
61 5-4-1. PID Interface Files
62 5-5. Cpuset
63 5.5-1. Cpuset Interface Files
64 5-6. Device
65 5-7. RDMA
66 5-7-1. RDMA Interface Files
67 5-8. DMEM
68 5-9. HugeTLB
69 5.9-1. HugeTLB Interface Files
70 5-10. Misc
71 5.10-1 Miscellaneous cgroup Interface Files
72 5.10-2 Migration and Ownership
73 5-11. Others
74 5-11-1. perf_event
75 5-N. Non-normative information
76 5-N-1. CPU controller root cgroup process behaviour
77 5-N-2. IO controller root cgroup process behaviour
79 6-1. Basics
80 6-2. The Root and Views
81 6-3. Migration and setns(2)
82 6-4. Interaction with Other Namespaces
84 P-1. Filesystem Support for Writeback
87 R-1. Multiple Hierarchies
88 R-2. Thread Granularity
89 R-3. Competition Between Inner Nodes and Threads
90 R-4. Other Interface Issues
91 R-5. Controller Issues and Remedies
92 R-5-1. Memory
99 -----------
108 ---------------
114 cgroup is largely composed of two parts - the core and controllers.
130 hierarchical - if a controller is enabled on a cgroup, it affects all
132 sub-hierarchy of the cgroup. When a controller is enabled on a nested
142 --------
147 # mount -t cgroup2 none $MOUNT_POINT
157 is no longer referenced in its current hierarchy. Because per-cgroup
164 to inter-controller dependencies, other controllers may need to be
185 ignored on non-init namespace mounts. Please refer to the
202 option is ignored on non-init namespace mounts.
205 Recursively apply memory.min and memory.low protection to
210 behavior but is a mount-option to avoid regressing setups
212 high 'bypass' protection values at higher tree levels).
224 controller. The pre-allocated pool does not belong to anyone.
237 memory protection and reclaim dynamics. Any userspace tuning
244 The option restores v1-like behavior of pids.events:max, that is only
252 --------------------------------
258 A child cgroup can be created by creating a sub-directory::
263 structure. Each cgroup has a read-writable interface file
265 belong to the cgroup one-per-line. The PIDs are not ordered and the
296 0::/test-cgroup/test-cgroup-nested
303 0::/test-cgroup/test-cgroup-nested (deleted)
313 domain to host resource consumptions which are not specific to a
315 a subtree while still maintaining the common resource domain for them.
318 The ones which don't are called domain controllers.
320 Marking a cgroup threaded makes it join the resource domain of its
322 cgroup whose resource domain is further up in the hierarchy. The root
324 threaded, is called threaded domain or thread root interchangeably and
325 serves as the resource domain for the entire subtree.
329 constraint - threaded controllers can be enabled on non-leaf cgroups
332 As the threaded domain cgroup hosts all the domain resource
337 serve both as a threaded domain and a parent to domain cgroups.
341 domain, a domain which is serving as the domain of a threaded subtree,
344 On creation, a cgroup is always a domain cgroup and can be made
350 Once threaded, the cgroup can't be made a domain again. To enable the
353 - As the cgroup will join the parent's resource domain. The parent
354 must either be a valid (threaded) domain or a threaded cgroup.
356 - When the parent is an unthreaded domain, it must not have any domain
357 controllers enabled or populated domain children. The root is
360 Topology-wise, a cgroup can be in an invalid state. Please consider
363 A (threaded domain) - B (threaded) - C (domain, just created)
365 C is created as a domain but isn't connected to a parent which can
367 threaded cgroup. "cgroup.type" file will report "domain (invalid)" in
371 A domain cgroup is turned into a threaded domain when one of its child
374 A threaded domain reverts to a normal domain when the conditions
378 threads in the cgroup. Except that the operations are per-thread
379 instead of per-process, "cgroup.threads" has the same format and
382 threaded domain, its operations are confined inside each threaded
385 The threaded domain cgroup serves as the resource domain for the whole
387 all the processes are considered to be in the threaded domain cgroup.
388 "cgroup.procs" in a threaded domain cgroup contains the PIDs of all
397 aren't tied to a specific thread belong to the threaded domain cgroup.
401 between threads in a non-leaf cgroup and its child cgroups. Each
407 - cpu
408 - cpuset
409 - perf_event
410 - pids
413 --------------------------
415 Each non-root cgroup has a "cgroup.events" file which contains
416 "populated" field indicating whether the cgroup's sub-hierarchy has
420 example, to start a clean-up operation after all processes of a given
421 sub-hierarchy have exited. The populated state updates and
422 notifications are recursive. Consider the following sub-hierarchy
426 A(4) - B(0) - C(1)
436 -----------------------
450 # echo "+cpu +memory -io" > cgroup.subtree_control
459 Consider the following sub-hierarchy. The enabled controllers are
462 A(cpu,memory) - B(memory) - C()
476 controller interface files - anything which doesn't start with
480 Top-down Constraint
483 Resources are distributed top-down and a cgroup can further distribute
485 parent. This means that all non-root "cgroup.subtree_control" files
495 Non-root cgroups can distribute domain resources to their children
497 only domain cgroups which don't contain any processes can have domain
500 This guarantees that, when a domain controller is looking at the part
510 refer to the Non-normative information section in the Controllers
523 ----------
545 delegated, the user can build sub-hierarchy under the directory,
549 happens in the delegated sub-hierarchy, nothing can escape the
553 cgroups in or nesting depth of a delegated sub-hierarchy; however,
560 A delegated sub-hierarchy is contained in the sense that processes
561 can't be moved into or out of the sub-hierarchy by the delegatee.
564 requiring the following conditions for a process with a non-root euid
568 - The writer must have write access to the "cgroup.procs" file.
570 - The writer must have write access to the "cgroup.procs" file of the
574 processes around freely in the delegated sub-hierarchy it can't pull
575 in from or push out to outside the sub-hierarchy.
581 ~~~~~~~~~~~~~ - C0 - C00
584 ~~~~~~~~~~~~~ - C1 - C10
591 will be denied with -EACCES.
596 is not reachable, the migration is rejected with -ENOENT.
600 ----------
608 inherent trade-offs between migration and various hot paths in terms
614 resource structure once on start-up. Dynamic adjustments to resource
647 -------
653 work-conserving. Due to the dynamic nature, this model is usually
668 .. _cgroupv2-limits-distributor:
671 ------
674 Limits can be over-committed - the sum of the limits of children can
679 As limits can be over-committed, all configuration combinations are
686 .. _cgroupv2-protections-distributor:
689 -----------
694 soft boundaries. Protections can also be over-committed in which case
701 As protections can be over-committed, all configuration combinations
705 "memory.low" implements best-effort memory protection and is an
710 -----------
713 resource. Allocations can't be over-committed - the sum of the
720 As allocations can't be over-committed, some configuration
725 "cpu.rt.max" hard-allocates realtime slices and is an example of this
733 ------
738 New-line separated values
746 (when read-only or multiple values can be written at once)
772 -----------
774 - Settings for a single feature should be contained in a single file.
776 - The root cgroup should be exempt from resource control and thus
779 - The default time unit is microseconds. If a different unit is ever
782 - A parts-per quantity should use a percentage decimal with at least
783 two digit fractional part - e.g. 13.40.
785 - If a controller implements weight based resource distribution, its
791 - If a controller implements an absolute resource guarantee and/or
800 - If a setting has a configurable default value and keyed specific
814 # cat cgroup-example-interface-file
820 # echo 125 > cgroup-example-interface-file
824 # echo "default 125" > cgroup-example-interface-file
828 # echo "8:16 170" > cgroup-example-interface-file
832 # echo "8:0 default" > cgroup-example-interface-file
833 # cat cgroup-example-interface-file
837 - For events which are not very high frequency, an interface file
844 --------------------
849 A read-write single value file which exists on non-root
855 - "domain" : A normal valid domain cgroup.
857 - "domain threaded" : A threaded domain cgroup which is
860 - "domain invalid" : A cgroup which is in an invalid state.
864 - "threaded" : A threaded cgroup which is a member of a
871 A read-write new-line separated values file which exists on
875 the cgroup one-per-line. The PIDs are not ordered and the
884 - It must have write access to the "cgroup.procs" file.
886 - It must have write access to the "cgroup.procs" file of the
889 When delegating a sub-hierarchy, write access to this file
897 A read-write new-line separated values file which exists on
901 the cgroup one-per-line. The TIDs are not ordered and the
910 - It must have write access to the "cgroup.threads" file.
912 - The cgroup that the thread is currently in must be in the
913 same resource domain as the destination cgroup.
915 - It must have write access to the "cgroup.procs" file of the
918 When delegating a sub-hierarchy, write access to this file
922 A read-only space separated values file which exists on all
929 A read-write space separated values file which exists on all
936 Space separated list of controllers prefixed with '+' or '-'
938 name prefixed with '+' enables the controller and '-'
944 A read-only flat-keyed file which exists on non-root cgroups.
956 A read-write single value files. The default is "max".
963 A read-write single value files. The default is "max".
970 A read-only flat-keyed file with the following entries:
996 A read-write single value file which exists on non-root cgroups.
1019 create new sub-cgroups.
1022 A write-only single value file which exists in non-root cgroups.
1034 the whole thread-group.
1037 A read-write single value file that allowed values are "0" and "1".
1041 Writing "1" to the file will re-enable the cgroup PSI accounting.
1049 This may cause non-negligible overhead for some workloads when under
1051 be used to disable PSI accounting in the non-leaf cgroups.
1054 A read-write nested-keyed file.
1062 .. _cgroup-v2-cpu:
1065 ---
1096 A read-only flat-keyed file.
1101 - usage_usec
1102 - user_usec
1103 - system_usec
1107 - nr_periods
1108 - nr_throttled
1109 - throttled_usec
1110 - nr_bursts
1111 - burst_usec
1114 A read-write single value file which exists on non-root
1124 A read-write single value file which exists on non-root
1127 The nice value is in the range [-20, 19].
1136 A read-write two value file which exists on non-root cgroups.
1148 A read-write single value file which exists on non-root
1154 A read-write nested-keyed file.
1160 A read-write single value file which exists on non-root cgroups.
1163 The requested minimum utilization (protection) as a percentage
1170 The requested minimum utilization (protection) is always capped by
1175 A read-write single value file which exists on non-root cgroups.
1186 A read-write single value file which exists on non-root cgroups.
1189 This is the cgroup analog of the per-task SCHED_IDLE sched policy.
1198 ------
1201 stateful and implements both limit and protection models. Due to the
1206 While not completely water-tight, all major memory usages by a given
1211 - Userland memory - page cache and anonymous memory.
1213 - Kernel data structures such as dentries and inodes.
1215 - TCP socket buffers.
1228 A read-only single value file which exists on non-root
1235 A read-write single value file which exists on non-root
1238 Hard memory protection. If the memory usage of a cgroup
1251 the part of parent's protection proportional to its
1255 protection is discouraged and may lead to constant OOMs.
1261 A read-write single value file which exists on non-root
1264 Best-effort memory protection. If the memory usage of a
1277 the part of parent's protection proportional to its
1281 protection is discouraged.
1284 A read-write single value file which exists on non-root
1298 A read-write single value file which exists on non-root
1307 In default configuration regular 0-order allocations always
1312 as -ENOMEM or silently ignore in cases like disk readahead.
1315 A write-only nested-keyed file which exists for all cgroups.
1326 specified amount, -EAGAIN is returned.
1347 A read-write single value file which exists on non-root cgroups.
1352 A write of any non-empty string to this file resets it to the
1357 A read-write single value file which exists on non-root
1367 Tasks with the OOM protection (oom_score_adj set to -1000)
1375 A read-only flat-keyed file which exists on non-root cgroups.
1389 boundary is over-committed.
1409 considered as an option, e.g. for failed high-order
1425 A read-only flat-keyed file which exists on non-root cgroups.
1428 types of memory, type-specific details, and other information
1437 If the entry has no per-node counter (or not show in the
1438 memory.numa_stat). We use 'npn' (non-per-node) as the tag
1466 Amount of memory used for storing per-cpu kernel
1476 Amount of cached filesystem data that is swap-backed,
1513 Amount of memory, swap-backed and filesystem-backed,
1519 the value for the foo counter, since the foo counter is type-based, not
1520 list-based.
1531 Amount of memory used for storing in-kernel data
1609 Number of zero-filled pages swapped out with I/O skipped due to the
1665 A read-only nested-keyed file which exists on non-root cgroups.
1668 types of memory, type-specific details, and other information
1690 A read-only single value file which exists on non-root
1697 A read-write single value file which exists on non-root
1702 allow userspace to implement custom out-of-memory procedures.
1713 A read-write single value file which exists on non-root cgroups.
1718 A write of any non-empty string to this file resets it to the
1723 A read-write single value file which exists on non-root
1730 A read-only flat-keyed file which exists on non-root cgroups.
1746 because of running out of swap system-wide or max
1755 A read-only single value file which exists on non-root
1762 A read-write single value file which exists on non-root
1770 A read-write single value file. The default value is "1".
1788 A read-only nested-keyed file.
1798 Over-committing on high limit (sum of high limits > available memory)
1812 pressure - how much the workload is being impacted due to lack of
1813 memory - is necessary to determine whether a workload needs more
1827 To which cgroup the area will be charged is in-deterministic; however,
1838 --
1843 only if cfq-iosched is in use and neither scheme is available for
1844 blk-mq devices.
1851 A read-only nested-keyed file.
1871 A read-write nested-keyed file which exists only on the root
1883 enable Weight-based control enable
1915 devices which show wide temporary behavior changes - e.g. a
1926 A read-write nested-keyed file which exists only on the root
1939 model The cost model in use - "linear"
1965 generate device-specific coefficients.
1968 A read-write flat-keyed file which exists on non-root cgroups.
1988 A read-write nested-keyed file which exists on non-root
2002 When writing, any number of nested key-value pairs can be
2027 A read-only nested-keyed file.
2044 defines the memory domain that dirty memory ratio is calculated and
2045 maintained for and the io controller defines the io domain which
2046 writes out dirty pages for the memory domain. Both system-wide and
2047 per-cgroup dirty memory states are examined and the more restrictive
2085 memory controller and system-wide clean memory.
2096 This is a cgroup v2 controller for IO workload protection. You provide a group
2118 your real setting, setting at 10-15% higher than the value in io.stat.
2128 - Queue depth throttling. This is the number of outstanding IO's a group is
2132 - Artificial delay induction. There are certain types of IO that cannot be
2179 no-change
2182 promote-to-rt
2183 For requests that have a non-RT I/O priority class, change it into RT.
2187 restrict-to-be
2197 none-to-rt
2198 Deprecated. Just an alias for promote-to-rt.
2202 +----------------+---+
2203 | no-change | 0 |
2204 +----------------+---+
2205 | promote-to-rt | 1 |
2206 +----------------+---+
2207 | restrict-to-be | 2 |
2208 +----------------+---+
2210 +----------------+---+
2214 +-------------------------------+---+
2216 +-------------------------------+---+
2217 | IOPRIO_CLASS_RT (real-time) | 1 |
2218 +-------------------------------+---+
2220 +-------------------------------+---+
2222 +-------------------------------+---+
2226 - If I/O priority class policy is promote-to-rt, change the request I/O
2229 - If I/O priority class policy is not promote-to-rt, translate the I/O priority
2235 ---
2254 A read-write single value file which exists on non-root
2260 A read-only single value file which exists on non-root cgroups.
2266 A read-only single value file which exists on non-root cgroups.
2272 A read-only flat-keyed file which exists on non-root cgroups. Unless
2290 through fork() or clone(). These will return -EAGAIN if the creation
2295 ------
2302 memory placement to reduce cross-node memory access and contention
2313 A read-write multiple values file which exists on non-root
2314 cpuset-enabled cgroups.
2321 The CPU numbers are comma-separated numbers or ranges.
2325 0-4,6,8-10
2328 setting as the nearest cgroup ancestor with a non-empty
2335 A read-only multiple values file which exists on all
2336 cpuset-enabled cgroups.
2352 A read-write multiple values file which exists on non-root
2353 cpuset-enabled cgroups.
2360 The memory node numbers are comma-separated numbers or ranges.
2364 0-1,3
2367 setting as the nearest cgroup ancestor with a non-empty
2374 Setting a non-empty value to "cpuset.mems" causes memory of
2386 A read-only multiple values file which exists on all
2387 cpuset-enabled cgroups.
2402 A read-write multiple values file which exists on non-root
2403 cpuset-enabled cgroups.
2436 A read-only multiple values file which exists on all non-root
2437 cpuset-enabled cgroups.
2449 A read-only and root cgroup only multiple values file.
2456 A read-write single value file which exists on non-root
2457 cpuset-enabled cgroups. This flag is owned by the parent cgroup
2463 "member" Non-root member of a partition
2468 A cpuset partition is a collection of cpuset-enabled cgroups with
2475 There are two types of partitions - local and remote. A local
2491 be changed. All other non-root cgroups start out as "member".
2494 partition or scheduling domain. The set of exclusive CPUs is
2504 two possible states - valid or invalid. An invalid partition
2515 "member" Non-root member of a partition
2542 A valid non-root parent partition may distribute out all its CPUs
2561 A user can pre-configure certain CPUs to an isolated state
2568 -----------------
2579 on the return value the attempt will succeed or fail with -EPERM.
2584 If the program returns 0, the attempt fails with -EPERM, otherwise it
2592 ----
2601 A readwrite nested-keyed file that exists for all the cgroups
2622 A read-only file that describes current resource usage.
2631 ----
2641 A readwrite nested-keyed file that exists for all the cgroups
2654 A read-only file that describes maximum region capacity.
2665 A read-only file that describes current resource usage.
2674 -------
2691 A read-only flat-keyed file which exists on non-root cgroups.
2704 use hugetlb pages are included. The per-node values are in bytes.
2707 ----
2729 A read-only flat-keyed file shown only in the root cgroup. It shows
2738 A read-only flat-keyed file shown in the all cgroups. It shows
2746 A read-only flat-keyed file shown in all cgroups. It shows the
2755 A read-write flat-keyed file shown in the non root cgroups. Allowed
2774 A read-only flat-keyed file which exists on non-root cgroups. The
2797 ------
2808 Non-normative information
2809 -------------------------
2825 appropriately so the neutral - nice 0 - value is 100 instead of 1024).
2841 ------
2860 The path '/batchjobs/container_id1' can be considered as system-data
2865 # ls -l /proc/self/ns/cgroup
2866 lrwxrwxrwx 1 root root 0 2014-07-15 10:37 /proc/self/ns/cgroup -> cgroup:[4026531835]
2872 # ls -l /proc/self/ns/cgroup
2873 lrwxrwxrwx 1 root root 0 2014-07-15 10:35 /proc/self/ns/cgroup -> cgroup:[4026532183]
2877 When some thread from a multi-threaded process unshares its cgroup
2889 ------------------
2900 # ~/unshare -c # unshare cgroupns in some cgroup
2908 Each process gets its namespace-specific view of "/proc/$PID/cgroup"
2939 ----------------------
2968 ---------------------------------
2971 running inside a non-init cgroup namespace::
2973 # mount -t cgroup2 none $MOUNT_POINT
2980 the view of cgroup hierarchy by namespace-private cgroupfs mount
2993 --------------------------------
2996 address_space_operations->writepage[s]() to annotate bio's using the
3013 super_block by setting SB_I_CGROUPWB in ->s_iflags. This allows for
3030 - Multiple hierarchies including named ones are not supported.
3032 - All v1 mount options are not supported.
3034 - The "tasks" file is removed and "cgroup.procs" is not sorted.
3036 - "cgroup.clone_children" is removed.
3038 - /proc/cgroups is meaningless for v2. Use "cgroup.controllers" or
3046 --------------------
3099 ------------------
3107 Generally, in-process knowledge is available only to the process
3108 itself; thus, unlike service-level organization of processes,
3115 sub-hierarchies and control resource distributions along them. This
3116 effectively raised cgroup to the status of a syscall-like API exposed
3126 that the process would actually be operating on its own sub-hierarchy.
3130 system-management pseudo filesystem. cgroup ended up with interface
3133 individual applications through the ill-defined delegation mechanism
3143 -------------------------------------------
3154 cycles and the number of internal threads fluctuated - the ratios
3170 clearly defined. There were attempts to add ad-hoc behaviors and
3184 ----------------------
3188 was how an empty cgroup was notified - a userland helper binary was
3191 to in-kernel event delivery filtering mechanism further complicating
3213 ------------------------------
3220 global reclaim prefers is opt-in, rather than opt-out. The costs for
3230 becomes self-defeating.
3232 The memory.low boundary on the other hand is a top-down allocated
3233 reserve. A cgroup enjoys reclaim protection when it's within its
3270 new limit is met - or the task writing to memory.max is killed.
3279 groups can sabotage swapping by other means - such as referencing its
3280 anonymous memory in a tight loop - and an admin can not assume full