proxmox-mirrors/systemd
1
0
Fork 0
mirror of https://git.proxmox.com/git/systemd synced 2025-06-05 04:30:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
e735f4d4ea
systemd/man/systemd.resource-control.html
Martin Pitt e735f4d4ea Imported Upstream version 219
2015-02-17 11:22:16 +01:00

219 lines
21 KiB
HTML
Raw Blame History

<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>systemd.resource-control</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><style>
a.headerlink {
color: #c60f0f;
font-size: 0.8em;
padding: 0 4px 0 4px;
text-decoration: none;
visibility: hidden;
}
a.headerlink:hover {
background-color: #c60f0f;
color: white;
}
h1:hover > a.headerlink, h2:hover > a.headerlink, h3:hover > a.headerlink, dt:hover > a.headerlink {
visibility: visible;
}
</style><a href="index.html">Index </a>·
<a href="systemd.directives.html">Directives </a>·
<a href="../python-systemd/index.html">Python </a>·
<a href="../libudev/index.html">libudev </a>·
<a href="../libudev/index.html">gudev </a><span style="float:right">systemd 219</span><hr><div class="refentry"><a name="systemd.resource-control"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>systemd.resource-control — Resource control unit settings</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><p>
<code class="filename"><em class="replaceable"><code>slice</code></em>.slice</code>,
<code class="filename"><em class="replaceable"><code>scope</code></em>.scope</code>,
<code class="filename"><em class="replaceable"><code>service</code></em>.service</code>,
<code class="filename"><em class="replaceable"><code>socket</code></em>.socket</code>,
<code class="filename"><em class="replaceable"><code>mount</code></em>.mount</code>,
<code class="filename"><em class="replaceable"><code>swap</code></em>.swap</code>
</p></div><div class="refsect1"><a name="idm140713549463728"></a><h2 id="Description">Description<a class="headerlink" title="Permalink to this headline" href="#Description"></a></h2><p>Unit configuration files for services, slices, scopes,
sockets, mount points, and swap devices share a subset of
configuration options for resource control of spawned
processes. Internally, this relies on the Control Groups
kernel concept for organizing processes in a hierarchical tree of
named groups for the purpose of resource management.</p><p>This man page lists the configuration options shared by
those six unit types. See
<a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>
for the common options of all unit configuration files, and
<a href="systemd.slice.html"><span class="citerefentry"><span class="refentrytitle">systemd.slice</span>(5)</span></a>,
<a href="systemd.scope.html"><span class="citerefentry"><span class="refentrytitle">systemd.scope</span>(5)</span></a>,
<a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>,
<a href="systemd.socket.html"><span class="citerefentry"><span class="refentrytitle">systemd.socket</span>(5)</span></a>,
<a href="systemd.mount.html"><span class="citerefentry"><span class="refentrytitle">systemd.mount</span>(5)</span></a>,
and
<a href="systemd.swap.html"><span class="citerefentry"><span class="refentrytitle">systemd.swap</span>(5)</span></a>
for more information on the specific unit configuration files. The
resource control configuration options are configured in the
[Slice], [Scope], [Service], [Socket], [Mount], or [Swap]
sections, depending on the unit type.</p><p>See the <a class="ulink" href="http://www.freedesktop.org/wiki/Software/systemd/ControlGroupInterface/" target="_top">New
Control Group Interfaces</a> for an introduction on how to make
use of resource control APIs from programs.</p></div><div class="refsect1"><a name="idm140713549454560"></a><h2 id="Options">Options<a class="headerlink" title="Permalink to this headline" href="#Options"></a></h2><p>Units of the types listed above can have settings
for resource control configuration:</p><div class="variablelist"><dl class="variablelist"><dt id="CPUAccounting="><span class="term"><code class="varname">CPUAccounting=</code></span><a class="headerlink" title="Permalink to this term" href="#CPUAccounting="></a></dt><dd><p>Turn on CPU usage accounting for this unit. Takes a
boolean argument. Note that turning on CPU accounting for
one unit might also implicitly turn it on for all units
contained in the same slice and for all its parent slices
and the units contained therein. The system default for this
setting maybe controlled with
<code class="varname">DefaultCPUAccounting=</code> in
<a href="systemd-system.conf.html"><span class="citerefentry"><span class="refentrytitle">systemd-system.conf</span>(5)</span></a>.</p></dd><dt id="CPUShares=weight"><span class="term"><code class="varname">CPUShares=<em class="replaceable"><code>weight</code></em></code>, </span><span class="term"><code class="varname">StartupCPUShares=<em class="replaceable"><code>weight</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#CPUShares=weight"></a></dt><dd><p>Assign the specified CPU time share weight to the
processes executed. Those options take an integer value and
control the "<code class="literal">cpu.shares</code>" control group
attribute, which defaults to 1024. For details about this
control group attribute, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt" target="_top">sched-design-CFS.txt</a>.
The available CPU time is split up among all units within
one slice relative to their CPU time share weight.</p><p>While <code class="varname">StartupCPUShares=</code> only
applies to the startup phase of the system,
<code class="varname">CPUShares=</code> applies to normal runtime of
the system, and if the former is not set also to the startup
phase. Using <code class="varname">StartupCPUShares=</code> allows
prioritizing specific services at boot-up differently than
during normal runtime.</p><p>Those options imply
"<code class="literal">CPUAccounting=true</code>".</p></dd><dt id="CPUQuota="><span class="term"><code class="varname">CPUQuota=</code></span><a class="headerlink" title="Permalink to this term" href="#CPUQuota="></a></dt><dd><p>Assign the specified CPU time quota to the processes
executed. Takes a percentage value, suffixed with "%". The
percentage specifies how much CPU time the unit shall get at
maximum, relative to the total CPU time available on one
CPU. Use values &gt; 100% for allotting CPU time on more than
one CPU. This controls the
"<code class="literal">cpu.cfs_quota_us</code>" control group
attribute. For details about this control group attribute,
see <a class="ulink" href="https://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt" target="_top">sched-design-CFS.txt</a>.</p><p>Example: <code class="varname">CPUQuota=20%</code> ensures that
the executed processes will never get more than 20% CPU time
on one CPU.</p><p>Implies "<code class="literal">CPUAccounting=true</code>".</p></dd><dt id="MemoryAccounting="><span class="term"><code class="varname">MemoryAccounting=</code></span><a class="headerlink" title="Permalink to this term" href="#MemoryAccounting="></a></dt><dd><p>Turn on process and kernel memory accounting for this
unit. Takes a boolean argument. Note that turning on memory
accounting for one unit might also implicitly turn it on for
all its parent slices. The system default for this setting
maybe controlled with
<code class="varname">DefaultMemoryAccounting=</code> in
<a href="systemd-system.conf.html"><span class="citerefentry"><span class="refentrytitle">systemd-system.conf</span>(5)</span></a>.</p></dd><dt id="MemoryLimit=bytes"><span class="term"><code class="varname">MemoryLimit=<em class="replaceable"><code>bytes</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#MemoryLimit=bytes"></a></dt><dd><p>Specify the limit on maximum memory usage of the
executed processes. The limit specifies how much process and
kernel memory can be used by tasks in this unit. Takes a
memory size in bytes. If the value is suffixed with K, M, G
or T, the specified memory size is parsed as Kilobytes,
Megabytes, Gigabytes, or Terabytes (with the base 1024),
respectively. This controls the
"<code class="literal">memory.limit_in_bytes</code>" control group
attribute. For details about this control group attribute,
see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/memory.txt" target="_top">memory.txt</a>.</p><p>Implies "<code class="literal">MemoryAccounting=true</code>".</p></dd><dt id="BlockIOAccounting="><span class="term"><code class="varname">BlockIOAccounting=</code></span><a class="headerlink" title="Permalink to this term" href="#BlockIOAccounting="></a></dt><dd><p>Turn on Block IO accounting for this unit. Takes a
boolean argument. Note that turning on block IO accounting
for one unit might also implicitly turn it on for all units
contained in the same slice and all for its parent slices
and the units contained therein. The system default for this
setting maybe controlled with
<code class="varname">DefaultBlockIOAccounting=</code> in
<a href="systemd-system.conf.html"><span class="citerefentry"><span class="refentrytitle">systemd-system.conf</span>(5)</span></a>.</p></dd><dt id="BlockIOWeight=weight"><span class="term"><code class="varname">BlockIOWeight=<em class="replaceable"><code>weight</code></em></code>, </span><span class="term"><code class="varname">StartupBlockIOWeight=<em class="replaceable"><code>weight</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#BlockIOWeight=weight"></a></dt><dd><p>Set the default overall block IO weight for
the executed processes. Takes a single weight value (between
10 and 1000) to set the default block IO weight. This controls
the "<code class="literal">blkio.weight</code>" control group attribute,
which defaults to 1000. For details about this control group
attribute, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt" target="_top">blkio-controller.txt</a>.
The available IO bandwidth is split up among all units within
one slice relative to their block IO weight.</p><p>While <code class="varname">StartupBlockIOWeight=</code> only
applies to the startup phase of the system,
<code class="varname">BlockIOWeight=</code> applies to the later runtime
of the system, and if the former is not set also to the
startup phase. This allows prioritizing specific services at
boot-up differently than during runtime.</p><p>Implies
"<code class="literal">BlockIOAccounting=true</code>".</p></dd><dt id="BlockIODeviceWeight=device weight"><span class="term"><code class="varname">BlockIODeviceWeight=<em class="replaceable"><code>device</code></em> <em class="replaceable"><code>weight</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#BlockIODeviceWeight=device%20weight"></a></dt><dd><p>Set the per-device overall block IO weight for the
executed processes. Takes a space-separated pair of a file
path and a weight value to specify the device specific
weight value, between 10 and 1000. (Example: "/dev/sda
500"). The file path may be specified as path to a block
device node or as any other file, in which case the backing
block device of the file system of the file is
determined. This controls the
"<code class="literal">blkio.weight_device</code>" control group
attribute, which defaults to 1000. Use this option multiple
times to set weights for multiple devices. For details about
this control group attribute, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt" target="_top">blkio-controller.txt</a>.</p><p>Implies
"<code class="literal">BlockIOAccounting=true</code>".</p></dd><dt id="BlockIOReadBandwidth=device bytes"><span class="term"><code class="varname">BlockIOReadBandwidth=<em class="replaceable"><code>device</code></em> <em class="replaceable"><code>bytes</code></em></code>, </span><span class="term"><code class="varname">BlockIOWriteBandwidth=<em class="replaceable"><code>device</code></em> <em class="replaceable"><code>bytes</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#BlockIOReadBandwidth=device%20bytes"></a></dt><dd><p>Set the per-device overall block IO bandwidth limit
for the executed processes. Takes a space-separated pair of
a file path and a bandwidth value (in bytes per second) to
specify the device specific bandwidth. The file path may be
a path to a block device node, or as any other file in which
case the backing block device of the file system of the file
is used. If the bandwidth is suffixed with K, M, G, or T,
the specified bandwidth is parsed as Kilobytes, Megabytes,
Gigabytes, or Terabytes, respectively, to the base of
1000. (Example:
"/dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0 5M"). This
controls the "<code class="literal">blkio.read_bps_device</code>" and
"<code class="literal">blkio.write_bps_device</code>" control group
attributes. Use this option multiple times to set bandwidth
limits for multiple devices. For details about these control
group attributes, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt" target="_top">blkio-controller.txt</a>.
</p><p>Implies
"<code class="literal">BlockIOAccounting=true</code>".</p></dd><dt id="DeviceAllow="><span class="term"><code class="varname">DeviceAllow=</code></span><a class="headerlink" title="Permalink to this term" href="#DeviceAllow="></a></dt><dd><p>Control access to specific device nodes by the
executed processes. Takes two space-separated strings: a
device node specifier followed by a combination of
<code class="constant">r</code>, <code class="constant">w</code>,
<code class="constant">m</code> to control
<span class="emphasis"><em>r</em></span>eading, <span class="emphasis"><em>w</em></span>riting,
or creation of the specific device node(s) by the unit
(<span class="emphasis"><em>m</em></span>knod), respectively. This controls
the "<code class="literal">devices.allow</code>" and
"<code class="literal">devices.deny</code>" control group
attributes. For details about these control group
attributes, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/devices.txt" target="_top">devices.txt</a>.</p><p>The device node specifier is either a path to a device
node in the file system, starting with
<code class="filename">/dev/</code>, or a string starting with either
"<code class="literal">char-</code>" or "<code class="literal">block-</code>"
followed by a device group name, as listed in
<code class="filename">/proc/devices</code>. The latter is useful to
whitelist all current and future devices belonging to a
specific device group at once. The device group is matched
according to file name globbing rules, you may hence use the
"<code class="literal">*</code>" and "<code class="literal">?</code>"
wildcards. Examples: <code class="filename">/dev/sda5</code> is a
path to a device node, referring to an ATA or SCSI block
device. "<code class="literal">char-pts</code>" and
"<code class="literal">char-alsa</code>" are specifiers for all pseudo
TTYs and all ALSA sound devices,
respectively. "<code class="literal">char-cpu/*</code>" is a specifier
matching all CPU related device groups.</p></dd><dt id="DevicePolicy=auto|closed|strict"><span class="term"><code class="varname">DevicePolicy=auto|closed|strict</code></span><a class="headerlink" title="Permalink to this term" href="#DevicePolicy=auto%7Cclosed%7Cstrict"></a></dt><dd><p>
Control the policy for allowing device access:
</p><div class="variablelist"><dl class="variablelist"><dt id="strict"><span class="term"><code class="option">strict</code></span><a class="headerlink" title="Permalink to this term" href="#strict"></a></dt><dd><p>means to only allow types of access that are
explicitly specified.</p></dd><dt id="closed"><span class="term"><code class="option">closed</code></span><a class="headerlink" title="Permalink to this term" href="#closed"></a></dt><dd><p>in addition, allows access to standard pseudo
devices including
<code class="filename">/dev/null</code>,
<code class="filename">/dev/zero</code>,
<code class="filename">/dev/full</code>,
<code class="filename">/dev/random</code>, and
<code class="filename">/dev/urandom</code>.
</p></dd><dt id="auto"><span class="term"><code class="option">auto</code></span><a class="headerlink" title="Permalink to this term" href="#auto"></a></dt><dd><p>
in addition, allows access to all devices if no
explicit <code class="varname">DeviceAllow=</code> is present.
This is the default.
</p></dd></dl></div></dd><dt id="Slice="><span class="term"><code class="varname">Slice=</code></span><a class="headerlink" title="Permalink to this term" href="#Slice="></a></dt><dd><p>The name of the slice unit to place the unit
in. Defaults to <code class="filename">system.slice</code> for all
non-instantiated units of all unit types (except for slice
units themselves see below). Instance units are by default
placed in a subslice of <code class="filename">system.slice</code>
that is named after the template name.</p><p>This option may be used to arrange systemd units in a
hierarchy of slices each of which might have resource
settings applied.</p><p>For units of type slice, the only accepted value for
this setting is the parent slice. Since the name of a slice
unit implies the parent slice, it is hence redundant to ever
set this parameter directly for slice units.</p></dd><dt id="Delegate="><span class="term"><code class="varname">Delegate=</code></span><a class="headerlink" title="Permalink to this term" href="#Delegate="></a></dt><dd><p>Turns on delegation of further resource control
partitioning to processes of the unit. For unprivileged
services (i.e. those using the <code class="varname">User=</code>
setting) this allows processes to create a subhierarchy
beneath its control group path. For privileged services and
scopes this ensures the processes will have all control
group controllers enabled.</p></dd></dl></div></div><div class="refsect1"><a name="idm140713548353680"></a><h2 id="See Also">See Also<a class="headerlink" title="Permalink to this headline" href="#See%20Also"></a></h2><p>
<a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>,
<a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>,
<a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>,
<a href="systemd.slice.html"><span class="citerefentry"><span class="refentrytitle">systemd.slice</span>(5)</span></a>,
<a href="systemd.scope.html"><span class="citerefentry"><span class="refentrytitle">systemd.scope</span>(5)</span></a>,
<a href="systemd.socket.html"><span class="citerefentry"><span class="refentrytitle">systemd.socket</span>(5)</span></a>,
<a href="systemd.mount.html"><span class="citerefentry"><span class="refentrytitle">systemd.mount</span>(5)</span></a>,
<a href="systemd.swap.html"><span class="citerefentry"><span class="refentrytitle">systemd.swap</span>(5)</span></a>,
<a href="systemd.directives.html"><span class="citerefentry"><span class="refentrytitle">systemd.directives</span>(7)</span></a>,
<a href="systemd.special.html"><span class="citerefentry"><span class="refentrytitle">systemd.special</span>(7)</span></a>,
The documentation for control groups and specific controllers in the Linux kernel:
<a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt" target="_top">cgroups.txt</a>,
<a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/cpuacct.txt" target="_top">cpuacct.txt</a>,
<a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/memory.txt" target="_top">memory.txt</a>,
<a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt" target="_top">blkio-controller.txt</a>.
</p></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink