From 50214ec0638b03733472eda5f838db7596de4357 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@open-infrastructure.net>
Date: Sun, 13 Mar 2016 10:13:33 +0100
Subject: Adding container limit command.

Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
---
 README.txt                      |   3 +
 lib/container/limit             | 187 ++++++++++++++++++++++++++++++++++++++++
 share/man/container-limit.1.txt | 105 ++++++++++++++++++++++
 share/man/container-tools.7.txt |   3 +
 share/man/container.1.txt       |   3 +
 5 files changed, 301 insertions(+)
 create mode 100755 lib/container/limit
 create mode 100644 share/man/container-limit.1.txt

diff --git a/README.txt b/README.txt
index f1c04e5..32bf50d 100644
--- a/README.txt
+++ b/README.txt
@@ -42,6 +42,9 @@ systemd-nspawn.
   * Attach console to a container:
     sudo container console -n NAME
 
+  * Limit ressources of a container:
+    sudo container limit -n NAME --cpu-quota 10%
+
   * List container on the system:
     sudo container list
 
diff --git a/lib/container/limit b/lib/container/limit
new file mode 100755
index 0000000..1cc3079
--- /dev/null
+++ b/lib/container/limit
@@ -0,0 +1,187 @@
+#!/bin/sh
+
+# Open Infrastructure: container-tools
+# Copyright (C) 2014-2015 Daniel Baumann <daniel.baumann@open-infrastructure.net>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+set -e
+
+COMMAND="$(basename ${0})"
+
+MACHINES="/var/lib/machines"
+
+Parameters ()
+{
+	LONG_OPTIONS="name:,blockio-device-weight:,blockio-read-bandwith:,blockio-weight:,blockio-write-bandwith:,cpu-quota:,cpu-shares:,memory-limit:,tasks-max:,"
+
+	OPTIONS="n:b:c:m:t:"
+
+	PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${COMMAND} --options ${OPTIONS} --shell sh -- ${@})"
+
+	if [ "${?}" != "0" ]
+	then
+		echo "'${COMMAND}': getopt exit" >&2
+		exit 1
+	fi
+
+	eval set -- "${PARAMETERS}"
+
+	while true
+	do
+		case "${1}" in
+			-n|--name)
+				NAME="${2}"
+				shift 2
+				;;
+
+			-c|--cpu-quota)
+				CPU_QUOTA="${2}"
+				shift 2
+				;;
+
+			--cpu-shares)
+				CPU_SHARES="${2}"
+				shift 2
+				;;
+
+			-m|--memory-limit)
+				MEMORY_LIMIT="${2}"
+				shift 2
+				;;
+
+			-t|--tasks-max)
+				TASKS_MAX="${2}"
+				shift 2
+				;;
+
+			--blockio-device-weight)
+				BLOCK_IO_DEVICE_WEIGHT="${2}"
+				shift 2
+				;;
+
+			--blockio-read-bandwith)
+				BLOCK_IO_READ_BANDWITH="${2}"
+				shift 2
+				;;
+
+			-b|--blockio-weight)
+				BLOCK_IO_WEIGHT="${2}"
+				shift 2
+				;;
+
+			--blockio-write-bandwith)
+				BLOCK_IO_WRITE_BANDWITH="${2}"
+				shift 2
+				;;
+
+			--)
+				shift 1
+				break
+				;;
+
+			*)
+				echo "'${COMMAND}': getopt error" >&2
+				exit 1
+				;;
+		esac
+	done
+}
+
+Usage ()
+{
+	echo "Usage: container ${COMMAND} -n|--name NAME [--blockio-device-weight \"DEVICE WEIGHT\"] [--blockio-read-bandwith \"DEVICE BYTES\"] [-b|--blockio-weight WEIGHT] [--blockio-write-bandwith \"DEVICE BYTES\"] [-c|--cpu-quota QUOTA] [--cpu-shares SHARES] [-m|--memory-limit BYTES] [-t|--tasks-max NUMBER]" >&2
+	exit 1
+}
+
+Parameters "${@}"
+
+if [ -z "${NAME}" ]
+then
+	Usage
+fi
+
+if [ ! -e "${MACHINES}/${NAME}" ]
+then
+	echo "'${NAME}': no such container" >&2
+	exit 1
+fi
+
+STATE="$(machinectl show ${NAME} 2>&1 | awk -F= '/^State=/ { print $2 }')"
+
+case "${STATE}" in
+	running)
+		;;
+
+	*)
+		echo "'${NAME}': container is not running" >&2
+		exit 1
+		;;
+esac
+
+if [ -n "${BLOCK_IO_DEVICE_WEIGHT}" ]
+then
+	BLOCK_IO_DEVICE_WEIGHT="BlockIODeviceWeight=${BLOCK_IO_DEVICE_WEIGHT}"
+	SET_PROPERTY="true"
+fi
+
+if [ -n "${BLOCK_IO_READ_BANDWITH}" ]
+then
+	BLOCK_IO_READ_BANDWITH="BlockIOReadBandwidth=${BLOCK_IO_READ_BANDWITH}"
+	SET_PROPERTY="true"
+fi
+
+if [ -n "${BLOCK_IO_WEIGHT}" ]
+then
+	BLOCK_IO_WEIGHT="BlockIOWeight=${BLOCK_IO_WEIGHT}"
+	SET_PROPERTY="true"
+fi
+
+if [ -n "${BLOCK_IO_WRITE_BANDWITH}" ]
+then
+	BLOCK_IO_WRITE_BANDWITH="BlockIOReadBandwidth=${BLOCK_IO_WRITE_BANDWITH}"
+	SET_PROPERTY="true"
+fi
+
+if [ -n "${CPU_QUOTA}" ]
+then
+	CPU_QUOTA="CPUQuota=${CPU_QUOTA}"
+	SET_PROPERTY="true"
+fi
+
+if [ -n "${CPU_SHARES}" ]
+then
+	CPU_SHARES="CPUShares=${CPU_SHARES}"
+	SET_PROPERTY="true"
+fi
+
+if [ -n "${MEMORY_LIMIT}" ]
+then
+	MEMORY_LIMIT="MemoryLimit=${MEMORY_LIMIT}"
+	SET_PROPERTY="true"
+fi
+
+if [ -n "${TASKS_MAX}" ]
+then
+	TASKS_MAX="TasksMax=${TASKS_MAX}"
+	SET_PROPERTY="true"
+fi
+
+if [ "${SET_PROPERTY}" != "true" ]
+then
+	Usage
+fi
+
+# Run
+systemctl --runtime set-property ${NAME} ${BLOCK_IO_DEVICE_WEIGHT} ${BLOCK_IO_READ_BANDWITH} ${BLOCK_IO_WEIGHT} ${BLOCK_IO_WRITE_BANDWITH} ${CPU_QUOTA} ${CPU_SHARES} ${MEMORY_LIMIT} ${TASKS_MAX}
diff --git a/share/man/container-limit.1.txt b/share/man/container-limit.1.txt
new file mode 100644
index 0000000..c9aad4e
--- /dev/null
+++ b/share/man/container-limit.1.txt
@@ -0,0 +1,105 @@
+// Open Infrastructure: container-tools
+// Copyright (C) 2014-2016 Daniel Baumann <daniel.baumann@open-infrastructure.net>
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+CONTAINER-STOP(1)
+=================
+:doctype: manpage
+:man manual: Open Infrastructure
+:man source: container-tools
+:man version: {revnumber}
+
+
+NAME
+----
+container-stop - Limit ressources of a container
+
+
+SYNOPSIS
+--------
+*container limit* ['OPTIONS']
+
+
+DESCRIPTION
+-----------
+The container limit command limits ressources available to a container at runtime.
+
+
+OPTIONS
+-------
+The following container options are available:
+
+*-n, --name='NAME'*::
+	Specify container name.
+
+*--blockio-device-weight='DEVICE WEIGHT'*::
+	Specify device specific blockio weight, see systemd.resource-control(5).
+
+*--blockio-read-bandwith='DEVICE BYTES'*::
+	Specify device specific blockio read bandwith, see systemd.resource-control(5).
+
+*-b, --blockio-weight='WEIGHT'*::
+	Specify general blockio weight, see systemd.resource-control(5).
+
+*--blockio-write-bandwith='DEVICE BYTES'*::
+	Specify device specific blockio write bandwith, see systemd.resource-control(5).
+
+*-c, --cpu-quota='QUOTA'*::
+	Specify CPU quota, see systemd.resource-control(5).
+
+*--cpu-shares='SHARES'*::
+	Specify CPU shares, see systemd.resource-control(5).
+
+*-m, --memory-limit='BYTES'*::
+	Specify memory limit, see systemd.resource-control(5).
+
+*-t, --tasks-max='NUMBER'*::
+	Specify tasks max, see systemd.resource-control(5).
+
+
+EXAMPLES
+--------
+*Set blockio weight for the example.net container:*::
+	sudo container limit -n example.net --blockio-weight 100
+
+*Set CPU quota for the example.net container:*::
+	sudo container limit -n example.net --cpu-quota 10%
+
+*Set memory limit for the example.net container to 1GB:*::
+	sudo container limit -n example.net --memory-limit 1G
+
+*Set tasks max for the example.net container to 100:*::
+	sudo container limit -n example.net --tasks-max 100
+
+
+SEE ALSO
+--------
+container-tools(7),
+container(1).
+
+
+HOMEPAGE
+--------
+More information about container-tools and the Open Infrastructure project can be found on the homepage at http://open-infrastructure.net.
+
+
+BUGS
+----
+Bugs can be reported by opening an issue in the GitHub repository at http://github.com/open-infrastructure/container-tools.
+
+
+AUTHORS
+-------
+container-tools was written by Daniel Baumann <daniel.baumann@open-infrastructure.net>.
diff --git a/share/man/container-tools.7.txt b/share/man/container-tools.7.txt
index e94afcc..16e9863 100644
--- a/share/man/container-tools.7.txt
+++ b/share/man/container-tools.7.txt
@@ -62,6 +62,9 @@ USAGE
 *Attach console to a container:*::
 	sudo container console -n NAME
 
+*limit*::
+	sudo container limit -n NAME --cpu-quota 10%
+
 *List container on the system:*::
 	sudo container list
 
diff --git a/share/man/container.1.txt b/share/man/container.1.txt
index 1b26451..8681446 100644
--- a/share/man/container.1.txt
+++ b/share/man/container.1.txt
@@ -67,6 +67,9 @@ The following container commands are available:
 *console*::
 	Attach console to a container, see container-console(1).
 
+*limit*::
+	Limit ressources of a container, see container-limit(1).
+
 *list*::
 	List container on the system, see container-list(1).
 
-- 
cgit v1.2.3