X-Git-Url: https://git.proxmox.com/?p=pve-docs.git;a=blobdiff_plain;f=pct.adoc;h=e9f399e3196a0bea7b9ad6c06df7a96cd281e7df;hp=2619974bf93686fa6ebe0d13a692fb36117ab88c;hb=98a741e0cfa7fc6f01f26a0a26a1dfcb12e0a153;hpb=eeecce951623a1b549493fb75f491badd30011fd diff --git a/pct.adoc b/pct.adoc index 2619974..e9f399e 100644 --- a/pct.adoc +++ b/pct.adoc @@ -101,11 +101,13 @@ unprivileged containers are safe by design. Configuration ------------- -The '/etc/pve/lxc/.conf' files stores container configuration, -where '' is the numeric ID of the given container. Note that -CTIDs < 100 are reserved for internal purposes, and CTIDs need to be -unique cluster wide. Files are stored inside '/etc/pve/', so they get -automatically replicated to all other cluster nodes. +The '/etc/pve/lxc/.conf' file stores container configuration, +where '' is the numeric ID of the given container. Like all +other files stored inside '/etc/pve/', they get automatically +replicated to all other cluster nodes. + +NOTE: CTIDs < 100 are reserved for internal purposes, and CTIDs need to be +unique cluster wide. .Example Container Configuration ---- @@ -398,6 +400,36 @@ Similarly device mounts are not managed by the storage, but for these the `quota` and `acl` options will be honored. +Using quotas inside containers +------------------------------ + +Quotas allow to set limits inside a container for the amount of disk space +that each user can use. +This only works on ext4 image based storage types and currently does not work +with unprivileged containers. + +Activating the `quota` option causes the following mount options to be used for +a mountpoint: `usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0` + +This allows quotas to be used like you would on any other system. You can +initialize the `/aquota.user` and `/aquota.group` files by running + + quotacheck -cmug / + quotaon / + +and edit the quotas via the `edquota` command. Refer to the documentation +of the distribution running inside the container for details. + +NOTE: You need to run the above commands for every mountpoint by passing +the mountpoint's path instead of just `/`. + +Using ACLs inside containers +---------------------------- + +The standard Posix Access Control Lists are also available inside containers. +ACLs allow you to set more detailed file ownership than the traditional user/ +group/others model. + Container Advantages --------------------