Limiting resources on FreeBSD
freebsd rctlWhat is rctl
In FreeBSD, in addition to login.conf
, we also get a very nice and
flexible mechanism for setting resource limits: rctl
.
I like it in particular for limiting resources allocated to each jail.
Configuration
Here is a short example:
jail:example_jail:vmemoryuse:deny=2G/jail
jail:example_jail:maxproc:deny=200/jail
jail:example_jail:readiops:throttle=500/jail
jail:example_jail:pcpu:deny=70/jail
In the above, for the jail identified by example_jail
we allow:
- 2G of memory,
- 200 processes,
- 500 I/O read operations per second,
- 70% of CPU.
Enabling rctl on boot
Actually, there is no need to enable anything in rc.conf
–
this is what you can find in /etc/defaults/rc.conf
:
rctl_enable="YES" # Load rctl(8) rules on boot
rctl_rules="/etc/rctl.conf" # rctl(8) ruleset. See rctl.conf(5).
It is sufficent to simply create /etc/rctl.conf
and the limits
will be set on system boot.
However, we need to edit /boot/loader.conf
to add:
kern.racct.enable="1"
and then reboot the system.
rctl
rctl
(without any switches) – prints the current set of rulesrctl -r :
– clears all the rulesrctl -u jail:example_jail
– prints the resource utilisation forexample_jail