search

bsdci / libioc

A Python library to manage jails with ioc{age,ell}
https://bsd.ci/libioc
Other
38 stars 11 forks source link

Improve Resource-Limit feature UX #142

Open gronke opened 7 years ago

gronke commented 7 years ago

Resource limits are functional but not documented yet. It is not intuitive to know which resource limits are available and and what a valid configuration looks like. To assist users we can:

urosgruber commented 6 years ago

@gronke can you please write one liner here how this can be configured until full feature is documented?

gronke commented 6 years ago

@urosgruber sure. You have a whole bunch of jail configuration properties thatcan be used as resource limit: this list contains all keys that can be used as such.

The rctl tunable needs to be enabled:

sysctl kern.racct.enable=1

After that resource limits can be applied to a jails configuration. Please note that resource-limits via iocage configuration changes will be applied during the next start - live editing is planned but not yet implemented.

ioc create -b -n limited-jail
ioc set vmemoryuse=1g limited-jail
ioc start limited-jail

see also: https://www.freebsd.org/cgi/man.cgi?query=rctl&sektion=8

urosgruber commented 6 years ago

Great, thanks. I guess I was using a wrong syntax and trying to use 

ioc set rlimits="vmemoryuse:1g"

It works like a charm. Now I can remove some rlimit lines in my poststart script.