1519863528 M * obeardly So can I use vlimit and/or the rlimits/as.hard file to set RAM limits, or do I have to use cgroups? cgroups seems horribly convoluted. 1519864240 M * Bertl_oO while I agree that cgroups are somewhat convoluted, memory limits have been removed from Linux-VServer in favor of using the memory cgroups 1519864270 M * Bertl_oO but you do not need to set them up yourself, util-vserver does that for you 1519864538 Q * sannes Ping timeout: 480 seconds 1519864934 M * obeardly Bertl_oO: I'm trying to script this out, so it would be much easier to drop a limit in a file than anything I'm seeing with cgroups. I still don't understand how util-vserver "does it for me." 1519865057 M * obeardly So this page: http://linux-vserver.org/Memory_Limits is useless then, and I should be using this page:http://linux-vserver.org/util-vserver:Cgroups#using_cgroup_to_enforce_memory_limits 1519865106 M * Bertl_oO for recent kernels/patches, yes 1519865128 M * obeardly Yeh, I'm on 3.18 vs 2.3.7.5 1519865165 M * Bertl_oO which can be considered recent :) 1519865197 M * obeardly Cool. 1519865224 M * Bertl_oO and yes, as you can see on the cgroups page, you just need to put the limits into a config file 1519865256 M * Bertl_oO (similar to the old rlimit/ulimit) and util-vserver takes care of creating and configuring the cgroup 1519865270 M * obeardly But I need to mount /dev/cgroup first, then great a memory.shares file? 1519865285 M * obeardly *create a memory.shares file? 1519865405 M * Bertl_oO all you need is to make sure that cgroups are enabled in the kernel and the util-vserver scripts are run at host bootup 1519865461 M * Bertl_oO putting the limits in /etc/vservers//cgroup/ is enough 1519865479 M * obeardly Okay, so that makes it pretty easy to script it out. 1519865481 M * obeardly Awesome. 1519865671 M * obeardly Is it same to assume if I used your patch that the correct things are enabled in the kernel? 1519865682 M * obeardly *Is it safe 1519865750 M * obeardly The kernel options on the Cgroups docs page aren't the same as in my kernel, but CONFIG_CGROUPS=y is there. 1519865753 M * Bertl_oO there are sane defaults, yes, but you still need to decide what features you want to use (by selecting them during the kernel configuration) 1519865779 M * obeardly Primarily, I need to manage memory. 1519865802 M * obeardly Is this the memory config statement: CONFIG_MEMCG=y 1519865828 M * Bertl_oO CONFIG_MEMCG=y 1519865828 M * Bertl_oO CONFIG_MEMCG_SWAP=y 1519865828 M * Bertl_oO CONFIG_MEMCG_SWAP_ENABLED=y 1519865828 M * Bertl_oO CONFIG_MEMCG_KMEM=y 1519865847 M * Bertl_oO (for 3.18.x) 1519865881 M * obeardly Thanks! That answers my question. This: linux-vserver.org/util-vserver:Cgroups does not have those options. 1519865902 M * Bertl_oO it is quite old ... 1519865915 M * obeardly Is there newer docs I should be looking at? 1519865922 M * Bertl_oO and the kernel changes constantly ... 1519865948 M * Bertl_oO the main documentation for current memory cgroups is in the kernel 1519865963 M * obeardly So I'm going to have to roll a new kernel because I have this in my current kernel: # CONFIG_MEMCG_SWAP_ENABLED is not set 1519865963 M * obeardly # CONFIG_MEMCG_KMEM is not set 1519865990 M * obeardly correct? 1519866010 M * Bertl_oO means you can't limit kernel memory and you won't have swap limits 'by default' 1519866041 M * obeardly SWAP I'm not so much worried about. I just need to make sure elastic and mysql doesn't eat up all of my system memory. 1519866063 M * Bertl_oO then maybe the current config works for you 1519866127 M * Bertl_oO note that my general advice is always to build a custom kernel with all the stuff you need compiled in but also all the drivers and features you don't need disabled 1519866151 M * obeardly I have this: CONFIG_RESOURCE_COUNTERS=y CONFIG_MEMCG=y 1519866166 M * obeardly This should be enough to enable me to manage memory, right? 1519866213 M * Bertl_oO yep, at least for non paged memory 1519866232 M * obeardly What does this do: CONFIG_MEMCG_KMEM 1519866245 M * Bertl_oO limit kernel memory 1519866249 M * obeardly Cool. 1519866254 M * obeardly I don't need that. 1519866282 M * obeardly When you say the newer docs are with the kernel docs, is that on kernel.org or at linux-vserver.org? 1519866330 M * Bertl_oO inside you kernel sources, there is Documentation/cgroups 1519866345 M * obeardly I got it now. Thanks. 1519866352 M * Bertl_oO you're welcome! 1519866353 M * obeardly I really appreciate all your guidance. 1519866408 M * obeardly I have my first test system with 4 VMs built. I'm getting ready to destroy those VMs build some more custom ones, with mem and disk limits. 1519867117 M * Bertl_oO perfect! 1519867128 M * Bertl_oO off to bed now ... have a good one everyone! 1519867133 N * Bertl_oO bertl_zZ 1519872361 J * ksn ~ksn@00019501.user.oftc.net 1519876050 Q * ksn Quit: Bye. 1519892962 M * Ghislain obeardly: vserver most of the time require you to build you own kernel and utils as they are not anymore in the distribs 1519893011 M * Ghislain or the one that are in are obsoletes, so check the versions. Also on debian it put in /var/lib/vservers/ but i dont know in devuan. 1519896138 N * bertl_zZ Bertl 1519896142 M * Bertl morning folks! 1519899151 J * guerby_ ~guerby@ip165.tetaneutral.net 1519899189 Q * guerby Read error: Connection reset by peer 1519907812 Q * gnarface Quit: Leaving 1519908117 M * Bertl off for now ... bbl 1519908119 N * Bertl Bertl_oO 1519909523 J * gnarface ~gnarface@108-227-52-42.lightspeed.irvnca.sbcglobal.net 1519911551 Q * _are_ Ping timeout: 480 seconds 1519913393 J * _are_ ~quassel@2a01:238:4325:ca00:f065:c93c:f967:9285 1519914306 M * obeardly Hey all, do we know if dlimits is still used to control disk space, or is this now handled by cgroups? 1519916754 M * Bertl_oO there are no cgroups for disk space (as far as I know :) 1519916771 M * Bertl_oO your options regarding disk space depend on your setup 1519916792 M * Bertl_oO if you use separate filesystems per guest, the filesystem itself provides the best 'limit' 1519916843 M * Bertl_oO if you have several guests on a shared filesystem, you can either use a filesystem which supports some kind of grouping (groups, project ids, etc) or you can use a filesystem which supports tagging 1519916877 M * Bertl_oO that's where the dlimits come in, they basically keep track of tagged file allocations 1519918441 M * obeardly We really need some better documentation. 1519918464 M * Le_Coyote I find that LVM is a no-brainer for that particular purpose 1519918470 M * Le_Coyote ZFS might be good too 1519918494 M * obeardly How are you doing LVM with vitualized file systems? 1519918504 M * Bertl_oO obeardly: feel free to improve the documentation :) 1519918521 M * obeardly They are just directory structures under your primary file system. 1519918549 M * Bertl_oO you can easily mount a filesystem per guest (the tools will do that for you) 1519918565 M * obeardly I haven't seen that anywhere in the docs. 1519918668 M * Bertl_oO there is an fstab entry (see great flower page :) where you can put your filesystem (or bind) mounts 1519918696 M * Bertl_oO they will be mounted at guest startup and unmounted on shutdown 1519918915 M * obeardly Good to hear. I'll look into it. Why do we have this "great flower page?" Why isn't everything at linux-vserver.org? 1519919027 M * Ghislain Bertl_oO: if the filesystem is not "supported" by vserver it means only quota do not work but the rest will be fine ? 1519919691 M * Bertl_oO it really depends .. some filesystems have support for barrier but not for disk limits 1519919713 M * Bertl_oO others have no support at all, but might be fine because of the way they work 1519919742 M * Bertl_oO obeardly: because the 'great flower page' is automaticall generated from util-vserver code 1519919750 M * Bertl_oO *automatically 1519920250 M * obeardly I still cannot find anything on mounting individual filesystems for VMs. 1519920414 M * obeardly Can I just carve up a bunch of LVM partitions, build the VMs, then manually edit the fstab to mount them? 1519920470 M * Bertl_oO yup, the fstab in /etc/vservers/ that is 1519920549 M * obeardly Okay, thanks. 1519920560 M * obeardly Not a very elegant solution, but I guess it will work. 1519920580 M * Bertl_oO well, as I said, there are other, more elegant solutions as well 1519920599 M * obeardly If you could just point me to some documentation, I would love to learn about them. 1519920661 M * obeardly The files to limit memory, are they memory.limit_in_bytes and memsw.limit_in_bytes? 1519920664 M * Bertl_oO http://linux-vserver.org/util-vserver:Vhashify 1519920715 M * Bertl_oO http://linux-vserver.org/Disk_Limits_and_Quota 1519920743 M * obeardly Do the dlimits statements still do work then? 1519920744 M * Bertl_oO both can be used on e.g. ext3 1519920775 M * obeardly But not ext4? 1519920807 M * Bertl_oO should work on ext4 as well but is not that well tested 1519920819 M * obeardly Okay. 1519920823 M * Bertl_oO so you probably should try it first before deployment 1519920858 M * obeardly I set up my scripts to build everything using dlimits, but based on convos here, it seemed like that was deprecated. 1519921419 M * Bertl_oO dlimits are not deprecated, but they require filesystem tagging 1519921438 M * Bertl_oO and tagging is not something which is implemented on all filesystems 1519921465 M * Bertl_oO so, given that you have a filesystem which supports tagging, then you should be fine with dlimits 1519921498 M * Bertl_oO for unification you also need the atttribute support and CoW link breaking 1519921500 M * obeardly Okay. I just need to make sure my /vservers partition is mounted with tagging options, correct? 1519921519 M * Bertl_oO and that tagging actually works, yes 1519921538 M * obeardly How do I verify if tagging works? 1519921555 M * Bertl_oO there is a testfs script which can help you there 1519921573 M * obeardly Is that on linux-vserver.org? 1519921615 M * Bertl_oO http://vserver.13thfloor.at/Stuff/SCRIPT/ 1519921664 M * Bertl_oO http://linux-vserver.org/Test_Scripts 1519921747 M * obeardly I'm going to lunch, but thanks for all the help. I'll hit this again when I get back. I'd like to have a working prototype by EOD. 1519921866 M * Ghislain yes 1519921958 M * obeardly Ghislain: That was an interesting reply. 1519921973 M * obeardly later. 1519922028 M * Ghislain yes, you just have ton insert it when you say something i agree with as the scrolldown stopped :) ( was for Can I just carve up a bunch of LVM partitions, build the VMs, then manually edit the fstab to mount them? but i am sure you are aware that it is the case) 1519922043 M * Ghislain ;) 1519926034 M * AlexanderS And keep in mind: Unification/Hashification does not work with one partition per guest. 1519928045 M * obeardly Ghislain: Thanks. 1519928082 M * obeardly AlexanderS: I have much looked at the hashification stuff, but it doesn't seem like something I want to get into. 1519928387 M * Bertl_oO it is only relevant if you have a huge number of instances from a very similar template 1519928426 M * obeardly Each VM in my builds will be definitely unique. 1519928430 M * Bertl_oO then it does not only safe disk space it also reduces memory consumption 1519928683 M * obeardly Is this the correct file in which to limit memory usage? 1519928697 M * obeardly THis: /etc/vservers/$server/cgroup/memory.limit_in_bytes 1519928756 M * Bertl_oO for paged in user memory yes 1519928790 M * obeardly I don't understand "paged in user memory" 1519928816 M * Bertl_oO memory held in RAM and belonging to userspace applications 1519928823 M * obeardly If I want my VM to have a hard limit of 32GB RAM, where do I set that? 1519928861 M * Bertl_oO it doesn't cover memory allocated for kernel structures (KMEM) and it doesn't cover pages swapped out 1519928931 M * obeardly I'm just trying to make sure that ElasticSearch doesn't run off with all of my RAM. 1519943360 M * Bertl_oO off to bed now ... have a good one everyone! 1519943362 N * Bertl_oO Bertl_zZ 1519946562 J * sannes ~ace@2a02:fe0:c130:1d90:243a:5d81:2dad:3f61 1519947848 Q * FloodServ helix.oftc.net charon.oftc.net 1519947848 Q * jrklein helix.oftc.net charon.oftc.net 1519947848 Q * ntrs helix.oftc.net charon.oftc.net 1519947848 Q * Aiken helix.oftc.net charon.oftc.net 1519947848 Q * romster__ helix.oftc.net charon.oftc.net 1519947848 Q * gnarface helix.oftc.net charon.oftc.net 1519947848 Q * obeardly helix.oftc.net charon.oftc.net 1519947848 Q * gratuxri helix.oftc.net charon.oftc.net 1519947848 Q * zerick helix.oftc.net charon.oftc.net 1519947848 Q * ggherdov__ helix.oftc.net charon.oftc.net 1519947848 Q * dustinm` helix.oftc.net charon.oftc.net 1519947848 Q * kshannon helix.oftc.net charon.oftc.net 1519947848 Q * AndrewLe1 helix.oftc.net charon.oftc.net 1519947848 Q * jrayhawk helix.oftc.net charon.oftc.net 1519947848 Q * tokkee helix.oftc.net charon.oftc.net 1519947848 Q * geb helix.oftc.net charon.oftc.net 1519947848 Q * PowerKe helix.oftc.net charon.oftc.net 1519947848 Q * Guy- helix.oftc.net charon.oftc.net 1519947848 Q * Jb_boin helix.oftc.net charon.oftc.net 1519947848 Q * BlackPanx helix.oftc.net charon.oftc.net 1519947848 Q * mnemoc helix.oftc.net charon.oftc.net 1519947848 Q * karasz helix.oftc.net charon.oftc.net 1519947848 Q * bzed helix.oftc.net charon.oftc.net 1519947848 Q * DLange helix.oftc.net charon.oftc.net 1519947848 Q * sannes helix.oftc.net charon.oftc.net 1519947848 Q * guerby_ helix.oftc.net charon.oftc.net 1519947848 Q * any0n helix.oftc.net charon.oftc.net 1519947848 Q * DelTree helix.oftc.net charon.oftc.net 1519947848 Q * Ghislain helix.oftc.net charon.oftc.net 1519947848 Q * arekm helix.oftc.net charon.oftc.net 1519947848 Q * daniel_hozac helix.oftc.net charon.oftc.net 1519947848 Q * Hunger helix.oftc.net charon.oftc.net 1519947848 Q * _are_ helix.oftc.net charon.oftc.net 1519947848 Q * padde helix.oftc.net charon.oftc.net 1519947848 Q * DoberMann helix.oftc.net charon.oftc.net 1519947848 Q * l0kit helix.oftc.net charon.oftc.net 1519947848 Q * Bertl_zZ helix.oftc.net charon.oftc.net 1519947848 Q * mcp helix.oftc.net charon.oftc.net 1519947848 Q * funnel helix.oftc.net charon.oftc.net 1519947848 Q * webhat helix.oftc.net charon.oftc.net 1519947848 Q * sladen helix.oftc.net charon.oftc.net 1519947848 Q * Carpoon_ helix.oftc.net charon.oftc.net 1519947848 Q * clopez helix.oftc.net charon.oftc.net 1519947848 Q * Rockj helix.oftc.net charon.oftc.net 1519947848 Q * AlexanderS helix.oftc.net charon.oftc.net 1519947848 Q * Le_Coyote helix.oftc.net charon.oftc.net 1519947848 Q * kolorafa helix.oftc.net charon.oftc.net 1519947848 Q * CcxWrk helix.oftc.net charon.oftc.net 1519948118 J * FloodServ services@services.oftc.net 1519948118 J * DoberMann ~james@2a01:e35:8b44:84c0::2 1519948118 J * funnel ~funnel@0001c7d4.user.oftc.net 1519948118 J * padde ~padde@patrick-nagel.net 1519948118 J * webhat ~quassel@31.25.99.5 1519948118 J * Bertl_zZ herbert@IRC.13thfloor.at 1519948118 J * mcp ~mcp@wolk-project.de 1519948118 J * l0kit ~1oxT@0001b54e.user.oftc.net 1519948118 J * _are_ ~quassel@2a01:238:4325:ca00:f065:c93c:f967:9285 1519948118 J * mnemoc ~amery@kwa.jpi.io 1519948118 J * BlackPanx ~black@93-103-10-34.static.t-2.net 1519948118 J * DLange ~DLange@dlange.user.oftc.net 1519948118 J * Jb_boin ~dedior@proxad.eu 1519948118 J * karasz ~karasz@00015555.user.oftc.net 1519948118 J * bzed ~bzed@bzed.netop.oftc.net 1519948118 J * Guy- ~korn@elan.rulez.org 1519948118 J * PowerKe ~tom@84-198-153-149.access.telenet.be 1519948118 J * geb ~geb@mars.gebura.eu.org 1519948118 J * tokkee ~tokkee@osprey.tokkee.org 1519948118 J * gnarface ~gnarface@108-227-52-42.lightspeed.irvnca.sbcglobal.net 1519948118 J * Aiken ~Aiken@2001:44b8:2168:1000:b26e:bfff:fe2a:b951 1519948118 J * obeardly ~obeardly@12.153.3.33 1519948118 J * gratuxri ~gratuxri@104.207.150.19 1519948118 J * zerick ~zerick@irc.quassel.zerick.io 1519948118 J * romster__ ~romster@158.140.215.184 1519948118 J * kshannon ~kris@server.kris.shannon.id.au 1519948118 J * jrayhawk ~jrayhawk@nursie.omgwallhack.org 1519948118 J * AndrewLe1 ~andrew@210.240.39.201 1519948118 J * ntrs ~ntrs@vault08.rosehosting.com 1519948118 J * ggherdov__ sid11402@id-11402.hathersage.irccloud.com 1519948118 J * dustinm` ~dustinm`@68.ip-149-56-14.net 1519948118 J * jrklein ~cloud@34.234.31.16 1519948134 J * sannes ~ace@2a02:fe0:c130:1d90:243a:5d81:2dad:3f61 1519948134 J * guerby_ ~guerby@ip165.tetaneutral.net 1519948134 J * any0n ~k@5PUAAAR1T.tor-irc.dnsbl.oftc.net 1519948134 J * DelTree ~deplagne@2a00:c70:1:213:246:56:18:2 1519948134 J * Ghislain ~ghislain@81.56.195.31 1519948134 J * arekm ~arekm@000161e0.user.oftc.net 1519948134 J * Hunger ~Hunger@zer0days.com 1519948134 J * daniel_hozac ~daniel@217-211-16-149-no42.tbcn.telia.com 1519948143 J * sladen ~paul@starsky.19inch.net 1519948143 J * Carpoon_ ~Carpoon@carpoon.hu 1519948143 J * clopez ~tau@neutrino.es 1519948143 J * kolorafa ~quassel@root03.itdesk.eu 1519948143 J * Le_Coyote ~smokey@253.242.118.78.rev.sfr.net 1519948143 J * AlexanderS ~Alexander@home.zedat.fu-berlin.de 1519948143 J * Rockj rockj@rockj.net 1519948143 J * CcxWrk ~ccx@asterix.te2000.cz