RESOURCE_CONTROLS(7) Standards, Environments, and Macros RESOURCE_CONTROLS(7)
NAME
resource_controls - resource controls available through projects and
zones
DESCRIPTION
The resource controls facility is configured through the project
database. See
project(5). You can set and modify resource controls
through the following utilities:
o
prctl(1) o
projadd(8) o
projmod(8) o
rctladm(8) o
zonecfg(8) In a program, you use
setrctl(2) to set resource control values.
In addition to the preceding resource controls, there are resource pools,
accessible through the
pooladm(8) and
poolcfg(8) utilities. In a program,
resource pools can be manipulated through the
libpool(3LIB) library.
The following are the resource controls are available:
process.max-address-space Maximum amount of address space, as summed over segment sizes, that
is available to this process, expressed as a number of bytes.
process.max-core-size Maximum size of a core file created by this process, expressed as a
number of bytes.
process.max-cpu-time Maximum CPU time that is available to this process, expressed as a
number of seconds.
process.max-data-size Maximum heap memory available to this process, expressed as a number
of bytes.
process.max-file-descriptor Maximum file descriptor index available to this process, expressed as
an integer.
process.max-file-size Maximum file offset available for writing by this process, expressed
as a number of bytes.
process.max-locked-memory Total amount of physical memory that can be locked by this process,
expressed as a number of bytes. This limit is not enforced for a
process with the
PRIV_PROC_LOCK_MEMORY privilege. Because the ability
to lock memory is controlled by the
PRIV_PROC_LOCK_MEMORY privilege
within native zones, this resource control is only useful within
branded zones which might support a different policy for locking
memory.
process.max-msg-messages Maximum number of messages on a message queue (value copied from the
resource control at
msgget() time), expressed as an integer.
process.max-msg-qbytes Maximum number of bytes of messages on a message queue (value copied
from the resource control at
msgget() time), expressed as a number of
bytes.
process.max-port-events Maximum allowable number of events per event port, expressed as an
integer.
process.max-sem-nsems Maximum number of semaphores allowed per semaphore set, expressed as
an integer.
process.max-sem-ops Maximum number of semaphore operations allowed per
semop call (value
copied from the resource control at
semget() time). Expressed as an
integer, specifying the number of operations.
process.max-sigqueue-size Maximum number of outstanding queued signals.
process.max-stack-size Maximum stack memory segment available to this process, expressed as
a number of bytes.
project.cpu-cap Maximum amount of CPU resources that a project can use. The unit used
is the percentage of a single CPU that can be used by all user
threads in a project. Expressed as an integer. The cap does not
apply to threads running in real-time scheduling class. This resource
control does not support the
syslog action.
project.cpu-shares Number of CPU shares granted to a project for use with the fair share
scheduler (see
FSS(4)). The unit used is the number of shares (an
integer). This resource control does not support the
syslog action.
project.max-contracts Maximum number of contracts allowed in a project, expressed as an
integer.
project.max-crypto-memory Maximum amount of kernel memory that can be used for crypto
operations. Allocations in the kernel for buffers and session-
related structures are charged against this resource control.
project.max-locked-memory Total amount of physical memory locked by device drivers and user
processes (including D/ISM), expressed as a number of bytes.
project.max-lwps Maximum number of LWPs simultaneously available to a project,
expressed as an integer.
project.max-msg-ids Maximum number of message queue IDs allowed for a project, expressed
as an integer.
project.max-processes Maximum number of processes simultaneously available to a project,
expressed as an integer.
project.max-port-ids Maximum allowable number of event ports, expressed as an integer.
project.max-sem-ids Maximum number of semaphore IDs allowed for a project, expressed as
an integer.
project.max-shm-ids Maximum number of shared memory IDs allowed for a project, expressed
as an integer.
project.max-shm-memory Total amount of shared memory allowed for a project, expressed as a
number of bytes.
project.max-tasks Maximum number of tasks allowable in a project, expressed as an
integer.
project.pool Binds a specified resource pool with a project.
rcap.max-rss The total amount of physical memory, in bytes, that is available to
processes in a project.
task.max-cpu-time Maximum CPU time that is available to this task's processes,
expressed as a number of seconds.
task.max-lwps Maximum number of LWPs simultaneously available to this task's
processes, expressed as an integer.
task.max-processes Maximum number of processes simultaneously available to this task,
expressed as an integer.
The following zone-wide resource controls are available:
zone.cpu-baseline Sets a baseline amount of CPU time that a zone can use before it is
considered to be bursting. The unit used is the percentage of a
single CPU that is being used by all user threads in a zone. The
value should be less than the
zone.cpu-cap rctl value and is
expressed as an integer. This resource control does not support the
syslog action.
zone.cpu-burst-time Sets the number of seconds that a zone can exceed the
zone.cpu- baseline rctl value before being cpu-capped down to the
zone.cpu- baseline. A value of 0 means that
zone.cpu-baseline can be exceeded
indefinitely. This resource control does not support the
syslog action.
zone.cpu-cap Sets a limit on the amount of CPU time that can be used by a zone.
The unit used is the percentage of a single CPU that can be used by
all user threads in a zone. Expressed as an integer. When projects
within the capped zone have their own caps, the minimum value takes
precedence. This resource control does not support the
syslog action.
zone.cpu-shares Sets a value on the number of fair share scheduler (FSS) CPU shares
for a zone. CPU shares are first allocated to the zone, and then
further subdivided among projects within the zone as specified in the
project.cpu-shares entries. Expressed as an integer. This resource
control does not support the
syslog action.
zone.max-locked-memory Total amount of physical locked memory available to a zone.
zone.max-lofi Sets a limit on the number of
LOFI(4D) devices that can be created in
a zone. Expressed as an integer. This resource control does not
support the
syslog action.
zone.max-lwps Enhances resource isolation by preventing too many LWPs in one zone
from affecting other zones. A zone's total LWPs can be further
subdivided among projects within the zone by using
project.max-lwps entries. Expressed as an integer.
zone.max-msg-ids Maximum number of message queue IDs allowed for a zone, expressed as
an integer.
zone.max-physical-memory Sets a limit on the amount of physical memory (RSS) that can be used
by a zone before resident pages start being forcibly paged out. The
unit used is bytes. Expressed as an integer. This resource control
does not support the
syslog action.
zone.max-processes Enhances resource isolation by preventing too many processes in
one zone from affecting other zones. A zone's total processes can
be further subdivided among projects within the zone by using
project.max-processes entries. Expressed as an integer.
zone.max-sem-ids Maximum number of semaphore IDs allowed for a zone, expressed as an
integer.
zone.max-shm-ids Maximum number of shared memory IDs allowed for a zone, expressed as
an integer.
zone.max-shm-memory Total amount of shared memory allowed for a zone, expressed as a
number of bytes.
zone.max-swap Total amount of swap that can be consumed by user process address
space mappings and
tmpfs mounts for this zone.
zone.zfs-io-priority Sets a value for the
zfs(8) I/O priority for a zone. This is used as
one of the inputs to determine if a zone's I/O should be throttled.
Expressed as an integer. This resource control does not support the
syslog action.
See
zones(7).
Units Used in Resource Controls
Resource controls can be expressed as in units of size (bytes), time
(seconds), or as a count (integer). These units use the strings specified
below.
Category Res Ctrl Modifier Scale
Type String
----------- ----------- -------- -----
Size bytes B 1
KB 2^10
MB 2^20
GB 2^30
TB 2^40
PB 2^50
EB 2^60
Time seconds s 1
Ks 10^3
Ms 10^6
Gs 10^9
Ts 10^12
Ps 10^15
Es 10^18
Count integer none 1
K 10^3
M 10^6
G 10^9
T 10^12
P 10^15
Es 10^18
Scaled values can be used with resource controls. The following example
shows a scaled threshold value:
task.max-lwps=(priv,1K,deny)
In the
project file, the value
1K is expanded to
1000:
task.max-lwps=(priv,1000,deny)
A second example uses a larger scaled value:
process.max-file-size=(priv,5G,deny)
In the
project file, the value
5G is expanded to
5368709120:
process.max-file-size=(priv,5368709120,deny)
The preceding examples use the scaling factors specified in the table
above.
Note that unit modifiers (for example,
5G) are accepted by the
prctl(1),
projadd(8), and
projmod(8) commands. You cannot use unit modifiers in the
project database itself.
Resource Control Values and Privilege Levels
A threshold value on a resource control constitutes a point at which
local actions can be triggered or global actions, such as logging, can
occur.
Each threshold value on a resource control must be associated with a
privilege level. The privilege level must be one of the following three
types:
basic Can be modified by the owner of the calling process.
privileged Can be modified by the current process (requiring
sys_resource privilege) or by
prctl(1) (requiring
proc_owner privilege).
system Fixed for the duration of the operating system instance.
A resource control is guaranteed to have one
system value, which is
defined by the system, or resource provider. The
system value represents
how much of the resource the current implementation of the operating
system is capable of providing.
Any number of privileged values can be defined, and only one basic value
is allowed. Operations that are performed without specifying a privilege
value are assigned a basic privilege by default.
The privilege level for a resource control value is defined in the
privilege field of the resource control block as
RCTL_BASIC,
RCTL_PRIVILEGED, or
RCTL_SYSTEM. See
setrctl(2) for more information. You
can use the
prctl command to modify values that are associated with basic
and privileged levels.
In specifying the privilege level of
privileged, you can use the
abbreviation
priv. For example:
task.max-lwps=(priv,1K,deny)
Global and Local Actions on Resource Control Values
There are two categories of actions on resource control values: global
and local.
Global actions apply to resource control values for every resource
control on the system. You can use
rctladm(8) to perform the following
actions:
o Display the global state of active system resource controls.
o Set global logging actions.
You can disable or enable the global logging action on resource controls.
You can set the
syslog action to a specific degree by assigning a
severity level,
syslog=level. The possible settings for
level are as
follows:
o
debug o
info o
notice o
warning o
err o
crit o
alert o
emerg By default, there is no global logging of resource control violations.
Local actions are taken on a process that attempts to exceed the control
value. For each threshold value that is placed on a resource control,
you can associate one or more actions. There are three types of local
actions:
none,
deny, and
signal=. These three actions are used as
follows:
none No action is taken on resource requests for an amount that is greater
than the threshold. This action is useful for monitoring resource
usage without affecting the progress of applications. You can also
enable a global message that displays when the resource control is
exceeded, while, at the same time, the process exceeding the
threshold is not affected.
deny You can deny resource requests for an amount that is greater than the
threshold. For example, a
task.max-lwps resource control with action
deny causes a
fork() system call to fail if the new process would
exceed the control value. See the
fork(2).
signal= You can enable a global signal message action when the resource
control is exceeded. A signal is sent to the process when the
threshold value is exceeded. Additional signals are not sent if the
process consumes additional resources. Available signals are listed
below.
Not all of the actions can be applied to every resource control. For
example, a process cannot exceed the number of CPU shares assigned to the
project of which it is a member. Therefore, a deny action is not allowed
on the
project.cpu-shares resource control.
Due to implementation restrictions, the global properties of each control
can restrict the range of available actions that can be set on the
threshold value. (See
rctladm(8).) A list of available signal actions is
presented in the following list. For additional information about
signals, see
signal(3HEAD).
The following are the signals available to resource control values:
SIGABRT Terminate the process.
SIGHUP Send a hangup signal. Occurs when carrier drops on an open line.
Signal sent to the process group that controls the terminal.
SIGTERM Terminate the process. Termination signal sent by software.
SIGKILL Terminate the process and kill the program.
SIGSTOP Stop the process. Job control signal.
SIGXRES Resource control limit exceeded. Generated by resource control
facility.
SIGXFSZ Terminate the process. File size limit exceeded. Available only to
resource controls with the
RCTL_GLOBAL_FILE_SIZE property
(
process.max-file-size). See
rctlblk_set_value(3C).
SIGXCPU Terminate the process. CPU time limit exceeded. Available only to
resource controls with the
RCTL_GLOBAL_CPUTIME property (
process.max- cpu-time). See
rctlblk_set_value(3C).
Resource Control Flags and Properties
Each resource control on the system has a certain set of associated
properties. This set of properties is defined as a set of flags, which
are associated with all controlled instances of that resource. Global
flags cannot be modified, but the flags can be retrieved by using either
rctladm(8) or the
setrctl(2) system call.
Local flags define the default behavior and configuration for a specific
threshold value of that resource control on a specific process or process
collective. The local flags for one threshold value do not affect the
behavior of other defined threshold values for the same resource control.
However, the global flags affect the behavior for every value associated
with a particular control. Local flags can be modified, within the
constraints supplied by their corresponding global flags, by the
prctl command or the
setrctl system call. See
setrctl(2).
For the complete list of local flags, global flags, and their
definitions, see
rctlblk_set_value(3C).
To determine system behavior when a threshold value for a particular
resource control is reached, use
rctladm to display the global flags for
the resource control . For example, to display the values for
process.max-cpu-time, enter:
$ rctladm process.max-cpu-time
process.max-cpu-time syslog=off [ lowerable no-deny cpu-time inf seconds ]
The global flags indicate the following:
lowerable Superuser privileges are not required to lower the privileged values
for this control.
no-deny Even when threshold values are exceeded, access to the resource is
never denied.
cpu-time SIGXCPU is available to be sent when threshold values of this
resource are reached.
seconds The time value for the resource control.
Use the
prctl command to display local values and actions for the
resource control. For example:
$ prctl -n process.max-cpu-time $$
process 353939: -ksh
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT
process.max-cpu-time
privileged 18.4Es inf signal=XCPU -
system 18.4Es inf none
The
max (
RCTL_LOCAL_MAXIMAL) flag is set for both threshold values, and
the
inf (
RCTL_GLOBAL_INFINITE) flag is defined for this resource control.
An
inf value has an infinite quantity. The value is never enforced.
Hence, as configured, both threshold quantities represent infinite values
that are never exceeded.
Resource Control Enforcement
More than one resource control can exist on a resource. A resource
control can exist at each containment level in the process model. If
resource controls are active on the same resource at different container
levels, the smallest container's control is enforced first. Thus, action
is taken on
process.max-cpu-time before
task.max-cpu-time if both
controls are encountered simultaneously.
ATTRIBUTES
See
attributes(7) for a description of the following attributes:
+--------------------+-----------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-----------------+
|Interface Stability | Evolving |
+--------------------+-----------------+
SEE ALSO
prctl(1),
setrctl(2),
rctlblk_set_value(3C),
libpool(3LIB),
FSS(4),
project(5),
attributes(7),
privileges(7),
zones(7),
pooladm(8),
poolcfg(8),
projadd(8),
projmod(8),
rctladm(8) System Administration Guide: Virtualization Using the Solaris Operating System January 23, 2021
RESOURCE_CONTROLS(7)