Re: Per Jail Memory Limits

From: Kostik Belousov <kostikbel_at_gmail.com>
Date: Mon, 5 Oct 2009 22:02:13 +0300
On Mon, Oct 05, 2009 at 05:47:50PM +0000, Tom Judge wrote:
> Julian Elischer wrote:
> >Tom Judge wrote:
> >>Hi,
> >>
> >>Does anyone know of a patch that will add per jail memory limits so 
> >>that a jail can't swallow the resources of the entire box?
> >>
> >>
> >>Thanks
> >>
> >>Tom
> >>_______________________________________________
> >>freebsd-current_at_freebsd.org mailing list
> >>http://lists.freebsd.org/mailman/listinfo/freebsd-current
> >>To unsubscribe, send any mail to 
> >>"freebsd-current-unsubscribe_at_freebsd.org"
> >
> >
> >not yet..
> >
> 
> I started to port this to 7.1 today:
> 
> http://wiki.freebsd.org/JailResourceLimits
> 
> 
> What are the peoples opinions on this patch?

Since r194766, we have precise accounting for the anonymous memory,
both globally and per-uid. If current jails infrastructure allows to
set per-jail limits (and I suspect that it is), then you should
just match these two facilities.

The seemingly problematic thing is processes changing their jails.
It can be done similar to how the uid accounting is done currently,
by remembering which jail was charged in corresponding vm map
entry and object.

Received on Mon Oct 05 2009 - 17:02:26 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:56 UTC