Resource Management with systemd LinuxCon North America 2013
Lennart Poettering
September 2013
Lennart Poettering Resource Management with systemd Resource Management?
Lennart Poettering Resource Management with systemd On embedded: limited resources, lots of things to run On servers: a lot of resources, maximization of density Underlying technology for systemd: Linux kernel control groups
Distributing available CPU, IO, and memory resources between services/applications
Lennart Poettering Resource Management with systemd On servers: a lot of resources, maximization of density Underlying technology for systemd: Linux kernel control groups
Distributing available CPU, IO, and memory resources between services/applications On embedded: limited resources, lots of things to run
Lennart Poettering Resource Management with systemd Underlying technology for systemd: Linux kernel control groups
Distributing available CPU, IO, and memory resources between services/applications On embedded: limited resources, lots of things to run On servers: a lot of resources, maximization of density
Lennart Poettering Resource Management with systemd Distributing available CPU, IO, and memory resources between services/applications On embedded: limited resources, lots of things to run On servers: a lot of resources, maximization of density Underlying technology for systemd: Linux kernel control groups
Lennart Poettering Resource Management with systemd First used by systemd merely for grouping processes Original purpose from the kernel side though: resource management
Control Groups
Lennart Poettering Resource Management with systemd Original purpose from the kernel side though: resource management
Control Groups First used by systemd merely for grouping processes
Lennart Poettering Resource Management with systemd Control Groups First used by systemd merely for grouping processes Original purpose from the kernel side though: resource management
Lennart Poettering Resource Management with systemd cgroups are now an implementation detail
systemd hides the fact that cgroups is used underneath
Lennart Poettering Resource Management with systemd systemd hides the fact that cgroups is used underneath cgroups are now an implementation detail
Lennart Poettering Resource Management with systemd (Why is this a job for systemd?)
(Can I still use cgroups without systemd?)
Lennart Poettering Resource Management with systemd (Can I still use cgroups without systemd?) (Why is this a job for systemd?)
Lennart Poettering Resource Management with systemd Services, Scopes, Slices
systemd’s resource management is based on units
Lennart Poettering Resource Management with systemd systemd’s resource management is based on units Services, Scopes, Slices
Lennart Poettering Resource Management with systemd Scope = A group of processes, which others have started and registered using runtime APIs (Example: fedora17.scope) Slice = A unit to build a hierarchy to place service and scope units in (Example: customer1.slice) (User sessions, containers, VMs are exposed as scopes.) Slices do not contain process, they simply organize a hierarchy in which scopes and services may be placed, which in turn contain the processes
Service = A group of processes, which systemd started based on unit configuration. (Example: apache.service)
Lennart Poettering Resource Management with systemd Slice = A unit to build a hierarchy to place service and scope units in (Example: customer1.slice) (User sessions, containers, VMs are exposed as scopes.) Slices do not contain process, they simply organize a hierarchy in which scopes and services may be placed, which in turn contain the processes
Service = A group of processes, which systemd started based on unit configuration. (Example: apache.service) Scope = A group of processes, which others have started and registered using runtime APIs (Example: fedora17.scope)
Lennart Poettering Resource Management with systemd (User sessions, containers, VMs are exposed as scopes.) Slices do not contain process, they simply organize a hierarchy in which scopes and services may be placed, which in turn contain the processes
Service = A group of processes, which systemd started based on unit configuration. (Example: apache.service) Scope = A group of processes, which others have started and registered using runtime APIs (Example: fedora17.scope) Slice = A unit to build a hierarchy to place service and scope units in (Example: customer1.slice)
Lennart Poettering Resource Management with systemd Slices do not contain process, they simply organize a hierarchy in which scopes and services may be placed, which in turn contain the processes
Service = A group of processes, which systemd started based on unit configuration. (Example: apache.service) Scope = A group of processes, which others have started and registered using runtime APIs (Example: fedora17.scope) Slice = A unit to build a hierarchy to place service and scope units in (Example: customer1.slice) (User sessions, containers, VMs are exposed as scopes.)
Lennart Poettering Resource Management with systemd Service = A group of processes, which systemd started based on unit configuration. (Example: apache.service) Scope = A group of processes, which others have started and registered using runtime APIs (Example: fedora17.scope) Slice = A unit to build a hierarchy to place service and scope units in (Example: customer1.slice) (User sessions, containers, VMs are exposed as scopes.) Slices do not contain process, they simply organize a hierarchy in which scopes and services may be placed, which in turn contain the processes
Lennart Poettering Resource Management with systemd Examples: foo.slice, foo-bar.slice customer1.slice, customer1-departmentA.slice, customer1-departmentA-projectalpha.slice systemd-cgls is your friend!
Slices are organized in a hierarchy, the name of a slice unit corresponds with the path to the location in the hierarchy.
Lennart Poettering Resource Management with systemd systemd-cgls is your friend!
Slices are organized in a hierarchy, the name of a slice unit corresponds with the path to the location in the hierarchy. Examples: foo.slice, foo-bar.slice customer1.slice, customer1-departmentA.slice, customer1-departmentA-projectalpha.slice
Lennart Poettering Resource Management with systemd Slices are organized in a hierarchy, the name of a slice unit corresponds with the path to the location in the hierarchy. Examples: foo.slice, foo-bar.slice customer1.slice, customer1-departmentA.slice, customer1-departmentA-projectalpha.slice systemd-cgls is your friend!
Lennart Poettering Resource Management with systemd Default:
+ system.slice | + systemd-udevd.service | + systemd-logind.service | + systemd-journald.service | + apache.service | + mysql.service + user.slice | + user-100.slice | + session-1.scope + machine.slice + fedora-20.scope
Lennart Poettering Resource Management with systemd Example:
+ customer1.slice | + customer1-apache.service | + customer1-mariadb.service + customer2.slice + customer2-departmentA.slice | + customer2-departmentA-apache.service | + customer2-departmentA-mariadb.service + customer2-departmentB.slice + customer2-departmentA-postgresql.service + customer2-departmentA-rhel7.scope + customer2-departmentA-rhel6.scope
Lennart Poettering Resource Management with systemd Every user session automatically gets its own scope within that slice Every templated service automatically gets a slice for grouping all instances
Every user automatically gets his own slice when he logs in
Lennart Poettering Resource Management with systemd Every templated service automatically gets a slice for grouping all instances
Every user automatically gets his own slice when he logs in Every user session automatically gets its own scope within that slice
Lennart Poettering Resource Management with systemd Every user automatically gets his own slice when he logs in Every user session automatically gets its own scope within that slice Every templated service automatically gets a slice for grouping all instances
Lennart Poettering Resource Management with systemd Example:
+ customer1.slice + customer1-apache.slice + [email protected] + [email protected]
Lennart Poettering Resource Management with systemd Slice=
Arranging units in slices
Lennart Poettering Resource Management with systemd Arranging units in slices Slice=
Lennart Poettering Resource Management with systemd CPUAccounting=1, CPUShares= MemoryAccounting=1, MemoryLimit=, MemorySoftLimit= BlockIOAccounting=1, BlockIOWeight=, BlockIODeviceWeight=, BlockIOReadBandwidth=, BlockIOWriteBandwidth= DeviceAllow=, DevicePolicy=
Setting resources on units
Lennart Poettering Resource Management with systemd MemoryAccounting=1, MemoryLimit=, MemorySoftLimit= BlockIOAccounting=1, BlockIOWeight=, BlockIODeviceWeight=, BlockIOReadBandwidth=, BlockIOWriteBandwidth= DeviceAllow=, DevicePolicy=
Setting resources on units CPUAccounting=1, CPUShares=
Lennart Poettering Resource Management with systemd BlockIOAccounting=1, BlockIOWeight=, BlockIODeviceWeight=, BlockIOReadBandwidth=, BlockIOWriteBandwidth= DeviceAllow=, DevicePolicy=
Setting resources on units CPUAccounting=1, CPUShares= MemoryAccounting=1, MemoryLimit=, MemorySoftLimit=
Lennart Poettering Resource Management with systemd DeviceAllow=, DevicePolicy=
Setting resources on units CPUAccounting=1, CPUShares= MemoryAccounting=1, MemoryLimit=, MemorySoftLimit= BlockIOAccounting=1, BlockIOWeight=, BlockIODeviceWeight=, BlockIOReadBandwidth=, BlockIOWriteBandwidth=
Lennart Poettering Resource Management with systemd Setting resources on units CPUAccounting=1, CPUShares= MemoryAccounting=1, MemoryLimit=, MemorySoftLimit= BlockIOAccounting=1, BlockIOWeight=, BlockIODeviceWeight=, BlockIOReadBandwidth=, BlockIOWriteBandwidth= DeviceAllow=, DevicePolicy=
Lennart Poettering Resource Management with systemd [Unit] Description=Foobar Daemon
[Service] ExecStart=/usr/bin/foobard CPUShares=600 MemoryLimit=500M
For services and slices in unit files or drop-ins:
Lennart Poettering Resource Management with systemd For services and slices in unit files or drop-ins:
[Unit] Description=Foobar Daemon
[Service] ExecStart=/usr/bin/foobard CPUShares=600 MemoryLimit=500M
Lennart Poettering Resource Management with systemd $ systemctl set-property httpd.service CPUShares=600 MemoryLimit=500M
At runtime with systemctl:
Lennart Poettering Resource Management with systemd At runtime with systemctl: $ systemctl set-property httpd.service CPUShares=600 MemoryLimit=500M
Lennart Poettering Resource Management with systemd . . . from your app via bus calls
Lennart Poettering Resource Management with systemd systemd-cgtop Don’t forget to enable CPU/Memory/BlockIO accounting!
Monitoring
Lennart Poettering Resource Management with systemd Don’t forget to enable CPU/Memory/BlockIO accounting!
Monitoring systemd-cgtop
Lennart Poettering Resource Management with systemd Monitoring systemd-cgtop Don’t forget to enable CPU/Memory/BlockIO accounting!
Lennart Poettering Resource Management with systemd Not dynamically changable for units
There’s more to resource management! Nice=, IOSchedulingClass=, IOSchedulingPriority=, CPUSchedulingPolicy=, CPUSchedulingPriority=, CPUAffinity=, TimerSlackNS=, LimitCPU=, . . . ,
Lennart Poettering Resource Management with systemd There’s more to resource management! Nice=, IOSchedulingClass=, IOSchedulingPriority=, CPUSchedulingPolicy=, CPUSchedulingPriority=, CPUAffinity=, TimerSlackNS=, LimitCPU=, . . . , Not dynamically changable for units
Lennart Poettering Resource Management with systemd That’s all, folks!
Lennart Poettering Resource Management with systemd