Saturday, December 21, 2019

Linux Control Groups (cgroups)

Cgroups - Administer CPU, Memory, Network Bandwidth and I/O resources among hierarchically ordered groups of processes.
Also, systemd automatically mounts hierarchies for important kernel resource controllers  in the /sys/fs/cgroup/ directory.

Resource controller (cgroup subsystem): Allow you set limits on each resource.

Systemd Unit Types
All processes running on the system are child processes of the systemd init process. Systemd provides three unit types that are used for the purpose of resource control

             Service — A process or a group of processes, which systemd started based on a unit configuration file. Services encapsulate the specified processes so that they can be started and stopped as one set. 

              Scope — A group of externally created processes. Scopes encapsulate processes that are started and stopped by arbitrary processes through the fork() function and then registered by systemd at runtime. For instance, user sessions, containers, and virtual machines are treated as scopes. Scopes are named as follows:
              Slice — A group of hierarchically organized units. Slices do not contain processes, they organize a hierarchy in which scopes and services are placed. The actual processes are contained in scopes or in services. In this hierarchical tree, every name of a slice unit corresponds to the path to a location in the hierarchy. The dash ("-") character acts as a separator of the path components. For example, if the name of a slice looks as follows:
parent-name.slice
It means that a slice called parent-name.slice is a subslice of the parent.slice. This slice can have its own sub-slice named parent-name-name2.slice, and so on.
there are four slices created by default:
             -.slice  — the root slice;
             system.slice — the default place for all system services;
             user.slice — the default place for all user sessions;
             machine.slice — the default place for all virtual machines and Linux containers.
The following tree is a simplified example of a cgroup tree. This output was generated with the systemd-cgls
├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 21
├─user.slice
│ └─user-0.slice
│   ├─session-5.scope
│   │ └─3155 /usr/sbin/anacron -s
│   ├─session-3.scope
│   │ ├─2972 sshd: root@pts/0
│   │ ├─2977 -bash
│   │ ├─3754 systemd-cgls
│   │ └─3755 systemd-cgls
│   └─session-1.scope
│     ├─1261 login -- root
│     └─2667 -bash
└─system.slice
  ├─crond.service
  │ └─1264 /usr/sbin/crond -n
  ├─atd.service
  │ └─1259 /usr/sbin/atd -f
  ├─rhnsd.service
  │ └─1269 rhnsd
  ├─libvirtd.service
  │ ├─1247 /usr/sbin/libvirtd

Important cgroup commands

 systemd-cgls  - Recursively show control group contents
systemd-cgtop - Show top control groups by their resource usage like CPU,Memory,Disk I/O
systemd-run  - Run programs in transient scope or service or timer units
systemctl set-property - Applies limits to a CGroup

 systemd-cgls
This command gives CGroup Hierarchy in a tree format.

├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 21
├─user.slice
│ └─user-0.slice
│   ├─session-3.scope
│   │ ├─2972 sshd: root@pts/0
│   │ ├─2977 -bash
│   │ ├─4326 systemd-cgls
│   │ └─4327 systemd-cgls
│   └─session-1.scope
│     ├─1261 login -- root
│     └─2667 -bash
└─system.slice
  ├─crond.service
  │ └─1264 /usr/sbin/crond -n
  ├─atd.service
  │ └─1259 /usr/sbin/atd -f
  ├─rhnsd.service
  │ └─1269 rhnsd
  ├─rhsmcertd.service
  │ └─1254 /usr/bin/rhsmcertd
  ├─rsyslog.service
  │ └─1244 /usr/sbin/rsyslogd -n
  ├─tuned.service
  │ └─1240 /usr/bin/python -Es /usr/sbin/tuned -l -P
  ├─postfix.service
  │ ├─1910 /usr/libexec/postfix/master -w
  │ ├─1990 pickup -l -t unix -u
  │ └─1991 qmgr -l -t unix -u
  ├─sshd.service
  │ └─1451 /usr/sbin/sshd
  ├─cups.service
  │ └─1234 /usr/sbin/cupsd -f
  ├─NetworkManager.service

systemd-cgtop
This show the usage of CPU, Memory ,Disk I/O of CGroups slice in the fashion of top command.

Path                                  Tasks   %CPU   Memory  Input/s Output/s

/                                       177    1.4   268.9M        -        -
/system.slice/ModemManager.service        1      -        -        -        -
/system.slice/NetworkManager.service      2      -        -        -        -
/system.slice/abrt-oops.service           1      -        -        -        -
/system.slice/abrt-xorg.service           1      -        -        -        -
/system.slice/abrtd.service               1      -        -        -        -
/system.slice/alsa-state.service          1      -        -        -        -
/system.slice/atd.service                 1      -        -        -        -
/system.slice/auditd.service              3      -        -        -        -
/system.slice/avahi-daemon.service        2      -        -        -        -

 systemd-run

 command is used to create and start a transient service or scope unit and run a custom command in the unit.
Following command will start a slice called aravindan.slice and a toptest.service unit will be started under this slice.

systemd-run --unit=name --scope --slice=slice_name command
[root@server1 ~]#  systemd-run --unit=toptest --slice=aravindan.slice top -b
Running as unit toptest.service.

[root@server1 ~]# systemd-cgls 
/:
├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 21
├─aravindan.slice
│ └─toptest.service
│   └─4717 /usr/bin/top -b
├─user.slice
│ └─user-0.slice

[root@server1 ~]# systemctl status toptest
● toptest.service - /usr/bin/top -b
   Loaded: loaded (/run/systemd/system/toptest.service; static; vendor preset: disabled)
  Drop-In: /run/systemd/system/toptest.service.d
           └─50-Description.conf, 50-ExecStart.conf, 50-Slice.conf
   Active: active (running) since Sat 2019-12-21 21:45:45 IST; 4min 10s ago
 Main PID: 4717 (top)
   CGroup: /aravindan.slice/toptest.service
           └─4717 /usr/bin/top -b

Dec 21 21:49:53 server1.example.com top[4717]: 2667 root      20   0  116648   3420   1780 S  0.0  0.2   0:00.37 bash
Dec 21 21:49:53 server1.example.com top[4717]: 2977 root      20   0  116280   3124   1796 S  0.0  0.2   0:00.76 bash
Dec 21 21:49:53 server1.example.com top[4717]: 3566 root      20   0       0      0      0 S  0.0  0.0   0:00.07 kworker/u2+
Dec 21 21:49:53 server1.example.com top[4717]: 3665 root      20   0  112820  15868   3392 S  0.0  0.8   0:00.04 dhclient
Dec 21 21:49:53 server1.example.com top[4717]: 4406 postfix   20   0   91164   3964   2968 S  0.0  0.2   0:00.04 pickup
Dec 21 21:49:53 server1.example.com top[4717]: 4494 root       0 -20       0      0      0 S  0.0  0.0   0:00.00 kworker/0:+
Dec 21 21:49:53 server1.example.com top[4717]: 4535 root       0 -20       0      0      0 S  0.0  0.0   0:00.02 kworker/0:+
Dec 21 21:49:53 server1.example.com top[4717]: 4557 root      20   0       0      0      0 S  0.0  0.0   0:00.00 kworker/0:0
Dec 21 21:49:53 server1.example.com top[4717]: 4596 root      20   0  487104   7060   3996 S  0.0  0.4   0:00.05 packagekitd
Dec 21 21:49:53 server1.example.com top[4717]: 4714 root      20   0       0      0      0 S  0.0  0.0   0:00.00 kworker/0:2



Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)