]> git.proxmox.com Git - systemd.git/blame - man/systemd.resource-control.html
projects / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Imported Upstream version 219
[systemd.git] / man / systemd.resource-control.html
CommitLineData
14228c0d
MB		 1<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>systemd.resource-control</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><style>
2 a.headerlink {
3 color: #c60f0f;
4 font-size: 0.8em;
5 padding: 0 4px 0 4px;
6 text-decoration: none;
7 visibility: hidden;
8 }
9
10 a.headerlink:hover {
11 background-color: #c60f0f;
12 color: white;
13 }
14
15 h1:hover > a.headerlink, h2:hover > a.headerlink, h3:hover > a.headerlink, dt:hover > a.headerlink {
16 visibility: visible;
17 }
18 </style><a href="index.html">Index </a>·
19 <a href="systemd.directives.html">Directives </a>·
20 <a href="../python-systemd/index.html">Python </a>·
21 <a href="../libudev/index.html">libudev </a>·
e735f4d4 22 <a href="../libudev/index.html">gudev </a><span style="float:right">systemd 219</span><hr><div class="refentry"><a name="systemd.resource-control"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>systemd.resource-control — Resource control unit settings</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><p>
14228c0d
MB		 23 <code class="filename"><em class="replaceable"><code>slice</code></em>.slice</code>,
24 <code class="filename"><em class="replaceable"><code>scope</code></em>.scope</code>,
25 <code class="filename"><em class="replaceable"><code>service</code></em>.service</code>,
26 <code class="filename"><em class="replaceable"><code>socket</code></em>.socket</code>,
27 <code class="filename"><em class="replaceable"><code>mount</code></em>.mount</code>,
28 <code class="filename"><em class="replaceable"><code>swap</code></em>.swap</code>
e735f4d4 29 </p></div><div class="refsect1"><a name="idm140713549463728"></a><h2 id="Description">Description<a class="headerlink" title="Permalink to this headline" href="#Description">¶</a></h2><p>Unit configuration files for services, slices, scopes,
14228c0d
MB		 30 sockets, mount points, and swap devices share a subset of
31 configuration options for resource control of spawned
60f067b4 32 processes. Internally, this relies on the Control Groups
e735f4d4 33 kernel concept for organizing processes in a hierarchical tree of
14228c0d
MB		 34 named groups for the purpose of resource management.</p><p>This man page lists the configuration options shared by
35 those six unit types. See
36 <a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>
37 for the common options of all unit configuration files, and
38 <a href="systemd.slice.html"><span class="citerefentry"><span class="refentrytitle">systemd.slice</span>(5)</span></a>,
39 <a href="systemd.scope.html"><span class="citerefentry"><span class="refentrytitle">systemd.scope</span>(5)</span></a>,
40 <a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>,
41 <a href="systemd.socket.html"><span class="citerefentry"><span class="refentrytitle">systemd.socket</span>(5)</span></a>,
42 <a href="systemd.mount.html"><span class="citerefentry"><span class="refentrytitle">systemd.mount</span>(5)</span></a>,
43 and
44 <a href="systemd.swap.html"><span class="citerefentry"><span class="refentrytitle">systemd.swap</span>(5)</span></a>
45 for more information on the specific unit configuration files. The
46 resource control configuration options are configured in the
47 [Slice], [Scope], [Service], [Socket], [Mount], or [Swap]
48 sections, depending on the unit type.</p><p>See the <a class="ulink" href="http://www.freedesktop.org/wiki/Software/systemd/ControlGroupInterface/" target="_top">New
60f067b4 49 Control Group Interfaces</a> for an introduction on how to make
e735f4d4 50 use of resource control APIs from programs.</p></div><div class="refsect1"><a name="idm140713549454560"></a><h2 id="Options">Options<a class="headerlink" title="Permalink to this headline" href="#Options">¶</a></h2><p>Units of the types listed above can have settings
14228c0d
MB		 51 for resource control configuration:</p><div class="variablelist"><dl class="variablelist"><dt id="CPUAccounting="><span class="term"><code class="varname">CPUAccounting=</code></span><a class="headerlink" title="Permalink to this term" href="#CPUAccounting=">¶</a></dt><dd><p>Turn on CPU usage accounting for this unit. Takes a
52 boolean argument. Note that turning on CPU accounting for
53 one unit might also implicitly turn it on for all units
60f067b4
JS		 54 contained in the same slice and for all its parent slices
55 and the units contained therein. The system default for this
56 setting maybe controlled with
57 <code class="varname">DefaultCPUAccounting=</code> in
58 <a href="systemd-system.conf.html"><span class="citerefentry"><span class="refentrytitle">systemd-system.conf</span>(5)</span></a>.</p></dd><dt id="CPUShares=weight"><span class="term"><code class="varname">CPUShares=<em class="replaceable"><code>weight</code></em></code>, </span><span class="term"><code class="varname">StartupCPUShares=<em class="replaceable"><code>weight</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#CPUShares=weight">¶</a></dt><dd><p>Assign the specified CPU time share weight to the
59 processes executed. Those options take an integer value and
60 control the "<code class="literal">cpu.shares</code>" control group
14228c0d 61 attribute, which defaults to 1024. For details about this
60f067b4
JS		 62 control group attribute, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt" target="_top">sched-design-CFS.txt</a>.
63 The available CPU time is split up among all units within
64 one slice relative to their CPU time share weight.</p><p>While <code class="varname">StartupCPUShares=</code> only
65 applies to the startup phase of the system,
66 <code class="varname">CPUShares=</code> applies to normal runtime of
67 the system, and if the former is not set also to the startup
68 phase. Using <code class="varname">StartupCPUShares=</code> allows
e735f4d4 69 prioritizing specific services at boot-up differently than
60f067b4
JS		 70 during normal runtime.</p><p>Those options imply
71 "<code class="literal">CPUAccounting=true</code>".</p></dd><dt id="CPUQuota="><span class="term"><code class="varname">CPUQuota=</code></span><a class="headerlink" title="Permalink to this term" href="#CPUQuota=">¶</a></dt><dd><p>Assign the specified CPU time quota to the processes
72 executed. Takes a percentage value, suffixed with "%". The
73 percentage specifies how much CPU time the unit shall get at
74 maximum, relative to the total CPU time available on one
e735f4d4 75 CPU. Use values &gt; 100% for allotting CPU time on more than
60f067b4
JS		 76 one CPU. This controls the
77 "<code class="literal">cpu.cfs_quota_us</code>" control group
78 attribute. For details about this control group attribute,
5eef597e 79 see <a class="ulink" href="https://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt" target="_top">sched-design-CFS.txt</a>.</p><p>Example: <code class="varname">CPUQuota=20%</code> ensures that
60f067b4
JS		 80 the executed processes will never get more than 20% CPU time
81 on one CPU.</p><p>Implies "<code class="literal">CPUAccounting=true</code>".</p></dd><dt id="MemoryAccounting="><span class="term"><code class="varname">MemoryAccounting=</code></span><a class="headerlink" title="Permalink to this term" href="#MemoryAccounting=">¶</a></dt><dd><p>Turn on process and kernel memory accounting for this
14228c0d
MB		 82 unit. Takes a boolean argument. Note that turning on memory
83 accounting for one unit might also implicitly turn it on for
60f067b4
JS		 84 all its parent slices. The system default for this setting
85 maybe controlled with
86 <code class="varname">DefaultMemoryAccounting=</code> in
87 <a href="systemd-system.conf.html"><span class="citerefentry"><span class="refentrytitle">systemd-system.conf</span>(5)</span></a>.</p></dd><dt id="MemoryLimit=bytes"><span class="term"><code class="varname">MemoryLimit=<em class="replaceable"><code>bytes</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#MemoryLimit=bytes">¶</a></dt><dd><p>Specify the limit on maximum memory usage of the
14228c0d
MB		 88 executed processes. The limit specifies how much process and
89 kernel memory can be used by tasks in this unit. Takes a
90 memory size in bytes. If the value is suffixed with K, M, G
91 or T, the specified memory size is parsed as Kilobytes,
92 Megabytes, Gigabytes, or Terabytes (with the base 1024),
93 respectively. This controls the
94 "<code class="literal">memory.limit_in_bytes</code>" control group
95 attribute. For details about this control group attribute,
96 see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/memory.txt" target="_top">memory.txt</a>.</p><p>Implies "<code class="literal">MemoryAccounting=true</code>".</p></dd><dt id="BlockIOAccounting="><span class="term"><code class="varname">BlockIOAccounting=</code></span><a class="headerlink" title="Permalink to this term" href="#BlockIOAccounting=">¶</a></dt><dd><p>Turn on Block IO accounting for this unit. Takes a
97 boolean argument. Note that turning on block IO accounting
98 for one unit might also implicitly turn it on for all units
60f067b4
JS		 99 contained in the same slice and all for its parent slices
100 and the units contained therein. The system default for this
101 setting maybe controlled with
102 <code class="varname">DefaultBlockIOAccounting=</code> in
103 <a href="systemd-system.conf.html"><span class="citerefentry"><span class="refentrytitle">systemd-system.conf</span>(5)</span></a>.</p></dd><dt id="BlockIOWeight=weight"><span class="term"><code class="varname">BlockIOWeight=<em class="replaceable"><code>weight</code></em></code>, </span><span class="term"><code class="varname">StartupBlockIOWeight=<em class="replaceable"><code>weight</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#BlockIOWeight=weight">¶</a></dt><dd><p>Set the default overall block IO weight for
104 the executed processes. Takes a single weight value (between
105 10 and 1000) to set the default block IO weight. This controls
106 the "<code class="literal">blkio.weight</code>" control group attribute,
107 which defaults to 1000. For details about this control group
108 attribute, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt" target="_top">blkio-controller.txt</a>.
109 The available IO bandwidth is split up among all units within
110 one slice relative to their block IO weight.</p><p>While <code class="varname">StartupBlockIOWeight=</code> only
111 applies to the startup phase of the system,
112 <code class="varname">BlockIOWeight=</code> applies to the later runtime
113 of the system, and if the former is not set also to the
e735f4d4 114 startup phase. This allows prioritizing specific services at
60f067b4 115 boot-up differently than during runtime.</p><p>Implies
14228c0d
MB		 116 "<code class="literal">BlockIOAccounting=true</code>".</p></dd><dt id="BlockIODeviceWeight=device weight"><span class="term"><code class="varname">BlockIODeviceWeight=<em class="replaceable"><code>device</code></em> <em class="replaceable"><code>weight</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#BlockIODeviceWeight=device%20weight">¶</a></dt><dd><p>Set the per-device overall block IO weight for the
117 executed processes. Takes a space-separated pair of a file
118 path and a weight value to specify the device specific
119 weight value, between 10 and 1000. (Example: "/dev/sda
120 500"). The file path may be specified as path to a block
60f067b4 121 device node or as any other file, in which case the backing
14228c0d
MB		 122 block device of the file system of the file is
123 determined. This controls the
124 "<code class="literal">blkio.weight_device</code>" control group
125 attribute, which defaults to 1000. Use this option multiple
126 times to set weights for multiple devices. For details about
127 this control group attribute, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt" target="_top">blkio-controller.txt</a>.</p><p>Implies
128 "<code class="literal">BlockIOAccounting=true</code>".</p></dd><dt id="BlockIOReadBandwidth=device bytes"><span class="term"><code class="varname">BlockIOReadBandwidth=<em class="replaceable"><code>device</code></em> <em class="replaceable"><code>bytes</code></em></code>, </span><span class="term"><code class="varname">BlockIOWriteBandwidth=<em class="replaceable"><code>device</code></em> <em class="replaceable"><code>bytes</code></em></code></span><a class="headerlink" title="Permalink to this term" href="#BlockIOReadBandwidth=device%20bytes">¶</a></dt><dd><p>Set the per-device overall block IO bandwidth limit
129 for the executed processes. Takes a space-separated pair of
130 a file path and a bandwidth value (in bytes per second) to
131 specify the device specific bandwidth. The file path may be
132 a path to a block device node, or as any other file in which
133 case the backing block device of the file system of the file
134 is used. If the bandwidth is suffixed with K, M, G, or T,
135 the specified bandwidth is parsed as Kilobytes, Megabytes,
60f067b4
JS		 136 Gigabytes, or Terabytes, respectively, to the base of
137 1000. (Example:
14228c0d
MB		 138 "/dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0 5M"). This
139 controls the "<code class="literal">blkio.read_bps_device</code>" and
140 "<code class="literal">blkio.write_bps_device</code>" control group
141 attributes. Use this option multiple times to set bandwidth
142 limits for multiple devices. For details about these control
60f067b4 143 group attributes, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt" target="_top">blkio-controller.txt</a>.
14228c0d
MB		 144 </p><p>Implies
145 "<code class="literal">BlockIOAccounting=true</code>".</p></dd><dt id="DeviceAllow="><span class="term"><code class="varname">DeviceAllow=</code></span><a class="headerlink" title="Permalink to this term" href="#DeviceAllow=">¶</a></dt><dd><p>Control access to specific device nodes by the
146 executed processes. Takes two space-separated strings: a
60f067b4
JS		 147 device node specifier followed by a combination of
148 <code class="constant">r</code>, <code class="constant">w</code>,
149 <code class="constant">m</code> to control
14228c0d 150 <span class="emphasis"><em>r</em></span>eading, <span class="emphasis"><em>w</em></span>riting,
60f067b4 151 or creation of the specific device node(s) by the unit
14228c0d
MB		 152 (<span class="emphasis"><em>m</em></span>knod), respectively. This controls
153 the "<code class="literal">devices.allow</code>" and
154 "<code class="literal">devices.deny</code>" control group
60f067b4
JS		 155 attributes. For details about these control group
156 attributes, see <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/devices.txt" target="_top">devices.txt</a>.</p><p>The device node specifier is either a path to a device
157 node in the file system, starting with
158 <code class="filename">/dev/</code>, or a string starting with either
159 "<code class="literal">char-</code>" or "<code class="literal">block-</code>"
160 followed by a device group name, as listed in
161 <code class="filename">/proc/devices</code>. The latter is useful to
162 whitelist all current and future devices belonging to a
163 specific device group at once. The device group is matched
164 according to file name globbing rules, you may hence use the
165 "<code class="literal">*</code>" and "<code class="literal">?</code>"
166 wildcards. Examples: <code class="filename">/dev/sda5</code> is a
167 path to a device node, referring to an ATA or SCSI block
168 device. "<code class="literal">char-pts</code>" and
169 "<code class="literal">char-alsa</code>" are specifiers for all pseudo
170 TTYs and all ALSA sound devices,
171 respectively. "<code class="literal">char-cpu/*</code>" is a specifier
172 matching all CPU related device groups.</p></dd><dt id="DevicePolicy=auto|closed|strict"><span class="term"><code class="varname">DevicePolicy=auto|closed|strict</code></span><a class="headerlink" title="Permalink to this term" href="#DevicePolicy=auto%7Cclosed%7Cstrict">¶</a></dt><dd><p>
14228c0d
MB		 173 Control the policy for allowing device access:
174 </p><div class="variablelist"><dl class="variablelist"><dt id="strict"><span class="term"><code class="option">strict</code></span><a class="headerlink" title="Permalink to this term" href="#strict">¶</a></dt><dd><p>means to only allow types of access that are
175 explicitly specified.</p></dd><dt id="closed"><span class="term"><code class="option">closed</code></span><a class="headerlink" title="Permalink to this term" href="#closed">¶</a></dt><dd><p>in addition, allows access to standard pseudo
176 devices including
177 <code class="filename">/dev/null</code>,
178 <code class="filename">/dev/zero</code>,
179 <code class="filename">/dev/full</code>,
180 <code class="filename">/dev/random</code>, and
181 <code class="filename">/dev/urandom</code>.
182 </p></dd><dt id="auto"><span class="term"><code class="option">auto</code></span><a class="headerlink" title="Permalink to this term" href="#auto">¶</a></dt><dd><p>
183 in addition, allows access to all devices if no
184 explicit <code class="varname">DeviceAllow=</code> is present.
185 This is the default.
186 </p></dd></dl></div></dd><dt id="Slice="><span class="term"><code class="varname">Slice=</code></span><a class="headerlink" title="Permalink to this term" href="#Slice=">¶</a></dt><dd><p>The name of the slice unit to place the unit
187 in. Defaults to <code class="filename">system.slice</code> for all
188 non-instantiated units of all unit types (except for slice
189 units themselves see below). Instance units are by default
190 placed in a subslice of <code class="filename">system.slice</code>
191 that is named after the template name.</p><p>This option may be used to arrange systemd units in a
192 hierarchy of slices each of which might have resource
193 settings applied.</p><p>For units of type slice, the only accepted value for
194 this setting is the parent slice. Since the name of a slice
195 unit implies the parent slice, it is hence redundant to ever
f47781d8 196 set this parameter directly for slice units.</p></dd><dt id="Delegate="><span class="term"><code class="varname">Delegate=</code></span><a class="headerlink" title="Permalink to this term" href="#Delegate=">¶</a></dt><dd><p>Turns on delegation of further resource control
e735f4d4 197 partitioning to processes of the unit. For unprivileged
f47781d8
MP		 198 services (i.e. those using the <code class="varname">User=</code>
199 setting) this allows processes to create a subhierarchy
e735f4d4 200 beneath its control group path. For privileged services and
f47781d8 201 scopes this ensures the processes will have all control
e735f4d4 202 group controllers enabled.</p></dd></dl></div></div><div class="refsect1"><a name="idm140713548353680"></a><h2 id="See Also">See Also<a class="headerlink" title="Permalink to this headline" href="#See%20Also">¶</a></h2><p>
14228c0d
MB		 203 <a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>,
204 <a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>,
205 <a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>,
206 <a href="systemd.slice.html"><span class="citerefentry"><span class="refentrytitle">systemd.slice</span>(5)</span></a>,
207 <a href="systemd.scope.html"><span class="citerefentry"><span class="refentrytitle">systemd.scope</span>(5)</span></a>,
208 <a href="systemd.socket.html"><span class="citerefentry"><span class="refentrytitle">systemd.socket</span>(5)</span></a>,
209 <a href="systemd.mount.html"><span class="citerefentry"><span class="refentrytitle">systemd.mount</span>(5)</span></a>,
210 <a href="systemd.swap.html"><span class="citerefentry"><span class="refentrytitle">systemd.swap</span>(5)</span></a>,
211 <a href="systemd.directives.html"><span class="citerefentry"><span class="refentrytitle">systemd.directives</span>(7)</span></a>,
212 <a href="systemd.special.html"><span class="citerefentry"><span class="refentrytitle">systemd.special</span>(7)</span></a>,
213 The documentation for control groups and specific controllers in the Linux kernel:
214 <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt" target="_top">cgroups.txt</a>,
215 <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/cpuacct.txt" target="_top">cpuacct.txt</a>,
216 <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/memory.txt" target="_top">memory.txt</a>,
217 <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt" target="_top">blkio-controller.txt</a>.
218 </p></div></div></body></html>
systemd for Proxmox projects