Docker's Cgroup resource limit

Enterprise 2023-04-16 13:29:11 views: null

        Docker uses Cgroup to control the resource quota used by containers, including CPU, memory, and disk, which basically covers common resource allocation and usage control.

      Cgoup is the abbreviation of CotrolGroups. It is a mechanism provided by the Linux kernel that can limit, record, and separate physical resources (such as CPU, memory, disk IO, etc.) used by high-level process groups. It is used by many projects such as LXC and docker. Implement process resource control. Cgroup itself is an infrastructure that provides functions and interfaces for grouping and managing processes. Specific resource management such as IO or memory allocation control is realized through this function.

Table of contents

1. CPU resource limitation

1. Set the upper limit of CPU usage

2. Set the CPU resource usage ratio (only valid if multiple containers are set) 

3. Set the container and CPU binding core

2. Memory resource limitation

3. Limitations on Disk I/O Quotas

1. CPU resource limitation

1. Set the upper limit of CPU usage

        Linux uses CFS (Completely Fair Scheduler) to schedule the CPU usage of each process. The default scheduling period of CFS is 10ms. We can set the scheduling cycle of each container process and how much CPU time each container can use at most during this cycle.

--cpu-period        #Set the scheduling period, the value range is 1000~1000000

--cpu-guota        #Set the CPU time that the container can use in each cycle, the value must be >=1000

--cpu-period, the period of CPU allocation (microseconds, so the file name is represented by us) is 100000 by default.
--cpu-guota, indicates the time (microseconds) that the cgroups limit takes, and the default is -1, which means no limit. If it is set to 50000, it means that 50000/100000=50% of the CPU is occupied. 

Limit the cpu when creating, and then execute an infinite loop randomly, enter the container at another terminal and execute the top command, and check that the cpu is only 30% full.

Set --cpu-period and --cpu-guota at the same time, set the period to 10000, and set it to 5000 for 50% occupancy

Note: The above is only for single-core settings. In the case of multi-core, if --cpu-period remains the default 100000, and --cpu-guota > 100000 is set, multi-core will be used. If it is set to 200000, it is limited to full run two cpus.

2. Set the CPU resource usage ratio (only valid if multiple containers are set) 

--cpu-shares          #Specify the CPU share, the default value is 1024, and the value is a multiple of 1024 (the values ​​​​of multiple containers are proportional, and the CPU share can be accurately guaranteed)

Enter three containers for pressure measurement

#分别下载stress压测并使用
docker exec -it c1 bash
yum -y install epel-release
yum -y install stress
stress -c 4

docker exec -it c2 bash
yum -y install epel-release
yum -y install stress

stress -c 4
docker exec -it c3 bash
yum -y install epel-release
yum -y install stress
stress -c 4

But when one container is not working, one of the other containers will get the cpu share of the container (so it is generally used with quota)

3. Set the container and CPU binding core

--cpuset-cpus        #Specify which cpu to bind to, the cpu number starts from 0, multiple can be separated by commas

2. Memory resource limitation

-m (--memory)        #Limit the maximum memory used by the container

--memory-swap        #Limit the available swap size, you must specify -m when using it.

Normally, the value of --memory-swap includes the container's available memory and available swap.
So -m 300m --memory-swap=1g means that the container can use 300M of physical memory, and can use 700M (1G - 300M) of swap.

--memory-swap is set to 0 or not set, the swap size that the container can use is twice the value of -m.

If the value of --memory-swap is the same as that of -m, the container cannot use swap.
--memory-swap The value is -1, which means that the memory used by the container program is limited, and the available swap space is not limited (the host can use as many swap containers as there are).

3. Limitations on Disk I/O Quotas

--device-read-bps #Limit the reading speed of a device in bps (data volume) unit can be kb, mb (M) or gb

--device-write-bps #Limit a device's write speed bps (data volume) unit can be kb, mb (M) or gb

--device-read-iops #Limit the iops (number of times) of reading a device

--device-write-iops #Limit the iops (number of times) written to a device

Supplement: docker system prune -a can be used to clean up disks, delete closed containers, useless data volumes and networks

Guess you like

Origin blog.csdn.net/weixin_58544496/article/details/127991037
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com