From 1047607cbab4010ceb864c788083de82b5d8916a Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Tue, 25 Oct 2016 15:55:13 +0200 Subject: Readding container limit command. Signed-off-by: Daniel Baumann --- lib/container/limit | 186 ++++++++++++++++++++++++++++++++++++++++ share/bash-completion/container | 20 +++++ share/config/container.conf.in | 10 +++ share/man/container-limit.1.txt | 105 +++++++++++++++++++++++ share/man/container.1.txt | 3 + 5 files changed, 324 insertions(+) create mode 100755 lib/container/limit create mode 100644 share/man/container-limit.1.txt diff --git a/lib/container/limit b/lib/container/limit new file mode 100755 index 0000000..8b5ffd5 --- /dev/null +++ b/lib/container/limit @@ -0,0 +1,186 @@ +#!/bin/sh + +# container-tools - Manage systemd-nspawn containers +# Copyright (C) 2014-2016 Daniel Baumann +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +set -e + +COMMAND="$(basename ${0})" + +MACHINES="/var/lib/machines" + +Parameters () +{ + LONG_OPTIONS="name:,blockio-device-weight:,blockio-read-bandwith:,blockio-weight:,blockio-write-bandwith:,cpu-quota:,cpu-shares:,memory-limit:,tasks-max:," + OPTIONS="n:b:c:m:t:," + + PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${COMMAND} --options ${OPTIONS} --shell sh -- ${@})" + + if [ "${?}" != "0" ] + then + echo "'${COMMAND}': getopt exit" >&2 + exit 1 + fi + + eval set -- "${PARAMETERS}" + + while true + do + case "${1}" in + -n|--name) + NAME="${2}" + shift 2 + ;; + + -c|--cpu-quota) + CPU_QUOTA="${2}" + shift 2 + ;; + + --cpu-shares) + CPU_SHARES="${2}" + shift 2 + ;; + + -m|--memory-limit) + MEMORY_LIMIT="${2}" + shift 2 + ;; + + -t|--tasks-max) + TASKS_MAX="${2}" + shift 2 + ;; + + --blockio-device-weight) + BLOCK_IO_DEVICE_WEIGHT="${2}" + shift 2 + ;; + + --blockio-read-bandwith) + BLOCK_IO_READ_BANDWITH="${2}" + shift 2 + ;; + + -b|--blockio-weight) + BLOCK_IO_WEIGHT="${2}" + shift 2 + ;; + + --blockio-write-bandwith) + BLOCK_IO_WRITE_BANDWITH="${2}" + shift 2 + ;; + + --) + shift 1 + break + ;; + + *) + echo "'${COMMAND}': getopt error" >&2 + exit 1 + ;; + esac + done +} + +Usage () +{ + echo "Usage: container ${COMMAND} -n|--name NAME [--blockio-device-weight \"DEVICE WEIGHT\"] [--blockio-read-bandwith \"DEVICE BYTES\"] [-b|--blockio-weight WEIGHT] [--blockio-write-bandwith \"DEVICE BYTES\"] [-c|--cpu-quota QUOTA] [--cpu-shares SHARES] [-m|--memory-limit BYTES] [-t|--tasks-max NUMBER]" >&2 + exit 1 +} + +Parameters "${@}" + +if [ -z "${NAME}" ] +then + Usage +fi + +if [ ! -e "${MACHINES}/${NAME}" ] +then + echo "'${NAME}': no such container" >&2 + exit 1 +fi + +STATE="$(machinectl show ${NAME} 2>&1 | awk -F= '/^State=/ { print $2 }')" + +case "${STATE}" in + running) + ;; + + *) + echo "'${NAME}': container is not running" >&2 + exit 1 + ;; +esac + +if [ -n "${BLOCK_IO_DEVICE_WEIGHT}" ] +then + BLOCK_IO_DEVICE_WEIGHT="BlockIODeviceWeight=${BLOCK_IO_DEVICE_WEIGHT}" + SET_PROPERTY="true" +fi + +if [ -n "${BLOCK_IO_READ_BANDWITH}" ] +then + BLOCK_IO_READ_BANDWITH="BlockIOReadBandwidth=${BLOCK_IO_READ_BANDWITH}" + SET_PROPERTY="true" +fi + +if [ -n "${BLOCK_IO_WEIGHT}" ] +then + BLOCK_IO_WEIGHT="BlockIOWeight=${BLOCK_IO_WEIGHT}" + SET_PROPERTY="true" +fi + +if [ -n "${BLOCK_IO_WRITE_BANDWITH}" ] +then + BLOCK_IO_WRITE_BANDWITH="BlockIOReadBandwidth=${BLOCK_IO_WRITE_BANDWITH}" + SET_PROPERTY="true" +fi + +if [ -n "${CPU_QUOTA}" ] +then + CPU_QUOTA="CPUQuota=${CPU_QUOTA}" + SET_PROPERTY="true" +fi + +if [ -n "${CPU_SHARES}" ] +then + CPU_SHARES="CPUShares=${CPU_SHARES}" + SET_PROPERTY="true" +fi + +if [ -n "${MEMORY_LIMIT}" ] +then + MEMORY_LIMIT="MemoryLimit=${MEMORY_LIMIT}" + SET_PROPERTY="true" +fi + +if [ -n "${TASKS_MAX}" ] +then + TASKS_MAX="TasksMax=${TASKS_MAX}" + SET_PROPERTY="true" +fi + +if [ "${SET_PROPERTY}" != "true" ] +then + Usage +fi + +# Run +systemctl --runtime set-property ${NAME} ${BLOCK_IO_DEVICE_WEIGHT} ${BLOCK_IO_READ_BANDWITH} ${BLOCK_IO_WEIGHT} ${BLOCK_IO_WRITE_BANDWITH} ${CPU_QUOTA} ${CPU_SHARES} ${MEMORY_LIMIT} ${TASKS_MAX} diff --git a/share/bash-completion/container b/share/bash-completion/container index 3bac382..a283d5f 100644 --- a/share/bash-completion/container +++ b/share/bash-completion/container @@ -82,6 +82,26 @@ _container() esac ;; + limit) + case "${cur}" in + -*) + opts="-n --name --blockio-device-weight --blockio-read-bandwith -b --blockio-weight --blockio-write-bandwith -c --cpu-quota --cpu-shares -m --memory-limit -t --tasks-max" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + + *) + case "${prev}" in + -n|--name) + opts=$(container list -a -f short) + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + esac + ;; + esac + ;; + list) case "${cur}" in -*) diff --git a/share/config/container.conf.in b/share/config/container.conf.in index c3268d5..b5678c0 100644 --- a/share/config/container.conf.in +++ b/share/config/container.conf.in @@ -14,3 +14,13 @@ machine=@MACHINE@ network-veth-extra=@NETWORK_VETH_EXTRA@ private-users=@PRIVATE_USERS@ register=@REGISTER@ + +[limit] +BlockIODeviceWeight= +BlockIOReadBandwidth= +BlockIOWeight= +BlockIOWriteBandwidth= +CPUQuota= +CPUShares= +MemoryLimit= +TasksMax= diff --git a/share/man/container-limit.1.txt b/share/man/container-limit.1.txt new file mode 100644 index 0000000..0ba5b74 --- /dev/null +++ b/share/man/container-limit.1.txt @@ -0,0 +1,105 @@ +// container-tools - Manage systemd-nspawn containers +// Copyright (C) 2014-2016 Daniel Baumann +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +CONTAINER-LIMIT(1) +================== +:doctype: manpage +:man manual: Open Infrastructure +:man source: container-tools +:man version: {revnumber} + + +NAME +---- +container-limit - Limit ressources of a container + + +SYNOPSIS +-------- +*container limit* ['OPTIONS'] + + +DESCRIPTION +----------- +The container limit command limits ressources available to a container at runtime. + + +OPTIONS +------- +The following container options are available: + +*-n, --name='NAME'*:: + Specify container name. + +*--blockio-device-weight='DEVICE WEIGHT'*:: + Specify device specific blockio weight, see systemd.resource-control(5). + +*--blockio-read-bandwith='DEVICE BYTES'*:: + Specify device specific blockio read bandwith, see systemd.resource-control(5). + +*-b, --blockio-weight='WEIGHT'*:: + Specify general blockio weight, see systemd.resource-control(5). + +*--blockio-write-bandwith='DEVICE BYTES'*:: + Specify device specific blockio write bandwith, see systemd.resource-control(5). + +*-c, --cpu-quota='QUOTA'*:: + Specify CPU quota, see systemd.resource-control(5). + +*--cpu-shares='SHARES'*:: + Specify CPU shares, see systemd.resource-control(5). + +*-m, --memory-limit='BYTES'*:: + Specify memory limit, see systemd.resource-control(5). + +*-t, --tasks-max='NUMBER'*:: + Specify tasks max, see systemd.resource-control(5). + + +EXAMPLES +-------- +*Set blockio weight for the example.net container:*:: + sudo container limit -n example.net --blockio-weight 100 + +*Set CPU quota for the example.net container:*:: + sudo container limit -n example.net --cpu-quota 10% + +*Set memory limit for the example.net container to 1GB:*:: + sudo container limit -n example.net --memory-limit 1G + +*Set tasks max for the example.net container to 100:*:: + sudo container limit -n example.net --tasks-max 100 + + +SEE ALSO +-------- +container-tools(7), +container(1). + + +HOMEPAGE +-------- +More information about container-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. + + +BUGS +---- +Bugs can be reported by sending a bug report to the Debian Bug Tracking System at https://bugs.debian.org. + + +AUTHORS +------- +container-tools was written by Daniel Baumann . diff --git a/share/man/container.1.txt b/share/man/container.1.txt index 78a7d68..2182319 100644 --- a/share/man/container.1.txt +++ b/share/man/container.1.txt @@ -67,6 +67,9 @@ The following container commands are available: *console*:: Attach console to a container, see container-console(1). +*limit*:: + Limit ressources of a container, see container-limit(1). + *list*:: List container on the system, see container-list(1). -- cgit v1.2.3