Mounting cgroups inside a docker container
Question
I dockerized a component that follows a process model. The master process forks itself many times. I want to establish a cgroup hierarchy inside the docker container to vary the CPU and memory limit on a per process basis.
Is there a way I can do this without using '--privileged' or 'CAP_SYTEM_ADMIN'?
Is there a way I can make the cgroup that the container belongs to as the root of the cgroup subsytem that I am implementing for the processes? (Divide the resources allocated to the container among the processes).
1 answers
solution1
4 2016-03-10 21:55:15
The conclusion that I came to was that there is no current solution for this since Docker does not support cgroup virtualization nor does the Linux kernel. We need some form of cgroup virtualization in order to implement cgroups inside a container.
lxc does this using a FUSE based solution called lxcfs : https://linuxcontainers.org/lxcfs/introduction/
Also, there is a kernel patch that supports cgroup namespaces which as far as I can see have not been approved : https://lwn.net/Articles/605903/ .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.