On Wed, Jan 09, 2008 at 12:01:59PM +1100, Andrew Snow wrote: > > Hi Guys, > > I am running a hoster providing "VPS" using FreeBSD Jails on 6.2 > > FYI, I have patched my kernel in several places to make it work for me: > * jails have their own SYSV shared memory and semaphores > * per-jail number of processes limit > * jail ability to be bound to a given CPU core > * jails have a limited range of nice values (10 to -10) compared to > the host environment > > and last but not least: > * memory usage measurement and limiting. > > It is this last one that is causing me the most problems. I modified > obreak() to deny requests for more memory when memory limit is exceeded, > and that works OK. > > But measuring the jail memory usage in the first place is proving to be > a pain, and I wonder if you guys have any ideas. > > I am doing something similar to the Google SoC, by measuring the > resident page count of every VM map held by every process in the jail. > > This does not measure memory fairly - it counts shared memory too many > times. To see this in action, I can allocate a jail with 500mb memory > limit then try to start 10 or 20 large apache HTTPD processes. While > using only a small amount of actual system ram (under 100mb probably), > it measures it to be much larger. > > I am now looking at adding fields to VM memory maps and tagging them so > I can ensure I don't count them twice, but this is starting to get > non-trivial. > > Anyone else been able to solve this problem or have any better knowledge?
You may look at the http://people.freebsd.org/~kib/overcommit The text describes the changes more or less accurate, just ignore the status part and the patches itself. The current patch is at http://people.freebsd.org/~kib/overcommit/vm_overcommit.4.patch It does not account nor enforce any per-jail limits, only per uid (as all FreeBSD accounting does at the moment). But, having this done, per-jail and per-uid-in-jail would be much easier.
pgphz7ov6nzAr.pgp
Description: PGP signature
